Russian FSB Contractor Breach Reveals 7.5TB of Data

Written by

Russia’s fearsome intelligence agency the FSB has been trying to decrypt Tor traffic since 2012, according to new reports stemming from a major breach of a Russian defense contractor.

The firm in question, SyTech, was revealed to be working on several projects. It was breached by a group known as 0v1ru$, which defaced its website and stole 7.5TB of data from its servers – amounting to one of the worst such incidents of its kind in Russia.

The information, which includes details on several projects and the managers in charge of each, was passed on to another hacking group, Digital Revolution, who in turn passed it to reporters. Digital Revolution is said previously to have hacked the Kvant Research Institute, also run by the FSB.

Although no state secrets are said to have been exposed, the revelations are highly embarrassing for the Kremlin, and President Putin.

One project, Nautilus-S, describes an attempted de-anonymization of the Tor network, which began back in 2012.

Another version of the Nautilus project details an attempt to collect information on social media users, while one known as “Mentor” targets email communications sent by Russian enterprises.

Two more projects, Hope and Tax-3, are related to attempts by the Putin regime to split the internet in the country from the global web.

The plan was approved by the Russian parliament in April. Although it was billed as an attempt to reduce national security risk by pre-empting an online attack by foreign powers, it could also lay the foundations for a China-style great firewall, some have argued.

The latest revelations from SyTech show those plans are well along. Tax-3 will create an intranet for the storage of information on important state figures, while Hope is all about mapping the Russian internet and its connections to other countries.

Other projects revealed in the raid include ones targeting IM, file transfer services and P2P networks. They have apparently been ongoing since 2009 and linked to the FSB unit 71330.

What’s hot on Infosecurity Magazine?