Attackers stole 7.5TB of data from a contractor of the FSB, the Russian national intelligence service.
A group of hackers attacked the servers and the site of SyTech, a contractor for the Russian government. The security company works under contract for the FSB (Federal Security Service), which is the main successor to the KGB, the Soviet security agency.
The objective of the hackers was clear from the beginning: 7.5 terabytes of data on dozens of secret projects that the contractor was working on by request. BBC Russia, the first to report the breach, calls it “the largest data leak in the history of Russian special services”.
The documents describe numerous projects for collecting data and spying on citizens over the internet. The most dangerous, precisely because it bears on the right to anonymity on the Internet, is a project to “deanonymize” the traffic of the Tor network, using corrupt servers.
The site of SyTech, the affected contractor, was also hacked. It is currently down, while the company apparently investigates the breach.
Russia against anonymity
The Tor network routes your internet traffic through random relays around the world. The reason is simple: to protect the anonymity of network users.
This anonymity, and the encryption that goes hand in hand with it, is a very useful tool against censorship. In countries where press freedom is not a right, and where rebelling against the government can be dangerous, staying anonymous on the internet is key. For this reason, Tor’s Onion network and the Tor Browser are used by journalists and activists around the world.
Breaking the anonymity of that traffic could put them at risk, making the task of revealing their identities much easier.
It’s not just about Tor
The hackers shared the stolen information with Digital Revolution, another group of hackers from the same country.
Digital Revolution circulated the stolen data and files on its Twitter account. These files revealed about 20 secret SyTech projects for the FSB. Namely:
- Nautilus: an AI designed to collect data about users of social networks, such as Facebook, MySpace and LinkedIn.
- Nautilus-S: the previously mentioned project to deanonymize the traffic of Tor’s Onion network.
- Reward: an exploit to penetrate P2P networks and spy on users of the Torrent network.
- Mentor: a program to monitor and easily search emails between Russian companies.
- Hope: a project to investigate the topology of the Internet in Russia, in order to sever ties with other countries in the face of cyber attacks.
- Tax-3: an intranet to store Russian government information, separated from the rest of the IT networks of the Russian state.
The leak does not contain state secrets, and many of these projects are not currently active. Even so, the implications are worrying. If you are in Russia, and you thought Tor’s Onion network was anonymous, think again.