Russian Security Hackingthe 'Internet of Things'
Stephen Komarnyckyj reports on documents revealed by Russian hackers that claim that their country’s security service has commissioned a programme which exploits smart appliances.
Russia’s security service, the FSB, have commissioned a programme which uses the ‘Internet of Things’ (IoT) for espionage, according to a hacking group Digital Revolution. The group published what they claim are images of the documentation for the project on 18 March 2020.
The programme known as Fronton accesses devices linked to the web through the ‘Internet of Things’. Any smart appliance ranging from a washing machine to a camera in a shopping mall is potentially vulnerable. The programme uses these devices to attack web services. Social media sites could be blocked or the internet services of a small country could be paralysed swiftly.
The hackers have released images of code snippets which show that the programme was being developed as long ago as 2017 to 2018. There is also a technical specification for the programme purportedly issued by military unit No 64829, which is the FSB’s information security centre.
The specification was purportedly used to commission the development of the programme from the Russian firm InformInvestGrupp. According to its website, the company, which was established in 1998, is licensed by the FSB to carry out confidential government projects.
The Moscow based firm Oday is also allegedly involved in developing the cyberweaponry, according to the documents. Oday has previously worked with Russia’s interior ministry on programmes for collecting information on internet users. Its CEO, Ruslan Gilyazov, is an IT specialist who also heads an IT security laboratory at Moscow’s Lomonosov University where he often recruits staff for the firm. He specialises in the mathematics of internet security and would have the skills necessary to develop some elements of the programme.
Digital Revolution claimed to have hacked Oday’s servers in April 2019 but the company refused to confirm or deny this allegation. However, the quantity of documents published then, the wealth of information they contained and the level of detail makes it hard to believe that they were forged.
The ‘Internet of Things’ is particularly vulnerable to CyberAttack. Many users simply unpack their products and use them without modifying the default passwords installed by the manufacturer making them vulnerable to hackers.
The FSB was partly inspired to develop the programme after witnessing the 2016 ‘success’ of a malicious programme called Mirai. Mirai targeted consumer goods such as cameras linked to the ‘Internet of Things’. On 21 October 2016, the programme was used to attack Dyn, a web service provider, resulting in dozens of sites being blocked in some areas of North America and Europe. The sites affected included The New York Times, Twitter and amazon.com.
Fronton would draw mainly on video cameras and recorders because they have a sufficient ‘communication channel’ to launch attacks. A special search server would be used to spot devices that could be targeted. The server would use the TOR browser — a free software which hides a web user’s identity — so that tracing the source of any attack is almost impossible.
The documents published by Digital Revolution raise serious concerns over the security of any gadget linked to the web and the new arms race for supremacy in the cyber world.