Posted on October 5, 2017 at 1:29 PM
Russia managed to hack into at least 4000 NATO soldiers’ personal smartphones to obtain military information.
New evidence has recently come to light which suggested that Russia was responsible for hacking into thousands of North Atlantic Treaty Organization (NATO) soldiers’ personal smartphones to get access to sensitive military information including troop numbers.
The Russian hacking campaign targeted at least 4000 NATO soldiers currently stationed in Eastern Europe, including locations in Poland and Baltic states such as Estonia.
According to The Wall Street Journal, Russian-backed hackers in Moscow have been trying to monitor troop numbers on NATO bases. Hacking into the soldiers’ personal smartphones allowed them to keep tabs on the locations as well as the bases’ force strength.
The hacking also gave them additional military information including personal information on certain soldiers, which can be used for future intimidation.
The Russian hackers used a sophisticated range of equipment to launch the attack. Equipment included drones with highly complex surveillance equipment, as well as rogue access points on the ground which reportedly could be used to either track or hijack smartphones. The drone usage suggests that the attack was likely state-sponsored.
According to John Michelsen, chief technology officer of Zimperium, smartphones are the most vulnerable device in any organization. Zimperium is based in Dallas, and primarily handles the mobile security of governmental as well as corporate clients. According to Michelsen, there are innumerable ways in which a smartphone can be compromised.
Not only are mobile devices significantly more vulnerable than computers or desktops, but connecting them to a larger network can make smartphones even more vulnerable as it often allows hackers to bypass certain firewalls and security measures. Once the device is hacked, a hacker has all the access to the victim’s phone that apps do.
Spokesman of NATO headquarters in Brussels, Lt. Cdr. Davide Galli stated that NATO has previously experienced attempts to compromise their troops’ devices. However, Galli remains confident that NATO’s personnel are well-equipped enough to handle such an attack and the challenges it brings.
Galli did acknowledge the sophistication of the attack and stated that the attack and all its complexities can often make it difficult to immediately determine all contributing factors in an unequivocal way.
While Galli admitted that the NATO troops’ presence was defensive in nature, he emphasized that the troops are currently employing all possible security measures in order to protect their networks and mission. In addition, all allies are currently training their personnel to be more vigilant in their daily routines, both online and offline.
In addition to the smartphone attack, The Wall Street Journal also reported that at least six soldiers’ Facebook accounts or phones were hacked earlier this year.
The Government Accountability Office did issue a report in July this year that emphasized the security risks of devices that have an internet capability, including smartphones and wearable devices like smartwatches. The operational risks that were pointed out by the Department of Defence included personal smartphones and DoD-issued devices which could be installed with a rogue application where the device can take pictures and track the user’s location.
According to Michelsen, the military can easily fall victim to malicious attackers that can use malware to turn a smartphone into a powerful weapon. Any affected phone on a NATO base can be used to connect to the NATO network and used by the hacker.
Compromising smartphones creates the possibility for Russian Intelligence to exploit certain vulnerabilities commonly found in smartphones. Software vulnerabilities can easily allow a hacker to remotely access the victim’s microphone, camera, or GPS location for espionage.
Thus far several soldiers, including high-profile lieutenants have reported strange activities on their personal smartphones which indicated that the device was hacked and used for tracking soldiers’ locations.