Saturday, December 24, 2016

A new twist on electronic warfare


It seems Russia has found a new use for Android malware.

A hacking group linked to the Russian government and high-profile cyber attacks against Democrats during the U.S. presidential election likely used a malware implant on Android devices to track and target Ukrainian artillery units from late 2014 through 2016, according to a new report released Thursday.

The malware was able to retrieve communications and some locational data from infected devices, intelligence that would have likely been used to strike against the artillery in support of pro-Russian separatists fighting in eastern Ukraine, the report from cyber security firm CrowdStrike found.

. . .

The hacking group, known commonly as Fancy Bear or APT 28, is believed by U.S. intelligence officials to work primarily on behalf of the GRU, Russia's military intelligence agency.

. . .

The implant leveraged a legitimate Android application developed by a Ukrainian artillery officer to process targeting data more quickly, CrowdStrike said.

Its deployment "extends Russian cyber capabilities to the front lines of the battlefield", the report said, and "could have facilitated anticipatory awareness of Ukrainian artillery force troop movement, thus providing Russian forces with useful strategic planning information".

There's more at the link.

It's interesting that the hackers targeted a Ukrainian military app, and were able to infect its download source.  The US military uses many specially developed apps, so I'm sure it's taking precautions against them being hacked in the same way.  This report will probably spur renewed efforts in that direction . . . and efforts to hack apps in the hands of potential and actual enemies as well.

Peter

6 comments:

Old NFO said...

I'm surprised they let this one out... Just sayin.

Sherm said...

The Ukrainian who developed the app demoed it on YouTube. It doesn't matter what your cyber security is if you don't have operational security too.

Anonymous said...

What Sherm said. I saw that on the news last night and facepalmed.

LittleRed1

CarlS said...

"A hacking group linked to the Russian government and high-profile cyber attacks against Democrats ..."

I still haven't seen any proof of these assertions. Given the demonstrated - repeatedly - untrustworthiness of all politicians and State Dept / Defense / Intel officials, and especially those of the current administration, why should I or anyone believe what they're telling us?

My previous experience with State and the District of Criminals may have given me a jaundiced viewpoint, but after all, anyone who lies for a living; such as politicians and career dips....; including those who wear uniforms, should not be trusted. Or so they taught me.

CarlS said...

Correction to my last:

"untrustworthiness of all politicians and State Dept / Defense / Intel officials,"

should read: "all politicians and not a few State Dept / Defense / Intel officials"

DaddyBear said...

If you connect it to the Internet, it's going to get hacked, or at least tested. I'm hoping that our forces use an air-gapped solution for such things.