Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown
Online security and privacyVPN for your company networkPassword managementBusinessBusiness password solutionsEncryption with cloud storage
Connection DNS Firewall Internet speed Proxy VPN
Cybersecurity Attacks & breaches Hacking Malware Vulnerabilities
How-To Disable accounts Limit tracking Unblock Uninstall apps
Laws & regulations Internet regulation Internet shutdowns Surveillance
NordVPN expertise Engineering Interviews News Research Social responsibility
Safe behavior Anonymity Home security Online habits Online threats Sensitive data
Service Updates App updates New features
Tools Apps Comparisons Software
Blog chevron right News

Russian government hackers use common techniques to hit targets

calendar Oct 08, 2018
menu book 1 min read

Last Thursday, the U.S. Department of Justice charged 7 Russian government hackers with a range of daring hacks executed around the world. One of the most surprising revelations, however, was just how relatively common some of their methods were.

Daniel Markuson

Daniel Markuson
calendar Oct 08, 2018
menu book 1 min read
Russian government hackers use common techniques to hit targets

The dangers of public Wi-Fi

As hackers employed by the GRU – Russian military intelligence – the 7 hackers’ targets came as no surprise. They included:

  • The lab responsible for analyzing the nerve agent used in the Skripal poisoning case;
  • The lab responsible for analyzing reports of chemical weapon use in Syria;
  • Numerous anti-doping agencies and organizations responsible for revealing the Russian state-run doping ring;
  • U.S. nuclear power companies that worked with Ukraine.

The hackers in question are likely to be safe in Russia and will probably only be apprehended if they travel to Europe or the U.S. What they did leave behind, however, was a trail of evidence of their exploits – and you’d be surprised how relevant some of that evidence is to your everyday life!

How to hack hotel Wi-Fi

Despite being backed by the Russian government, these hackers’ tools of choice aren’t much different than what the average hacker-thief would use to steal your credit card info. Some of the devices they used can be ordered online by anyone for just $100.

Let’s examine their methods. The Russian state hacking apparatus has a great deal of experience with hacking methods from afar, but the two weakest links in most of your online connections are you and your Wi-Fi, in that order. It’s no surprise that they relied primarily on two common but highly successful attacks so they could hit their targets:

  • MITM (Man-In-The-Middle) attacks: Many of the hackers’ targets were specific institutions or people. These can be tough to target from thousands of miles away, but if you’re sitting in an unmarked car right outside a hotel or laboratory, it suddenly becomes very easy! And that’s exactly what the hackers did. By using a Pineapple Wi-Fi device, they could pose as legitimate networks and trick devices into connecting to them and using their internet. Then, they can scan any information sent by users over unsecured connections. All it takes is one unsecured user with the right credentials for the hackers to gain access to the internal system and take or sabotage any data they want.
  • Spearfishing: Okay, so spearfishing doesn’t necessarily require close proximity, but it’s still one of the methods that the Russian hackers used to crack their targets. Fishing emails cast a wide net by trying to fool thousands of recipients into handing over sensitive information (by posing as websites like PayPal, for example). Spearfishing is more targeted and focused – these emails get sent to specific users and impersonate websites that the attacker knows the target uses. You might expect fishing emails that pretend they’re from a leading bank in your country, but you won’t expect one posing as your job’s internal scheduling system. However, that’s exactly the type of email a Russian hacker might send to a lab employee. All it takes is one employee entering their login credentials or downloading some malware and they're in.

Myths this case debunks

There are many reasons why people dismiss the need for personal online security, and this case blows some of them right out of the water.

  • “Hacking is rare because it’s so hard to do.” The tools used by these hackers were far from the most advanced tools in their arsenal – and they were successful against large international institutions. As I mentioned, you can purchase one of the devices they used online for $100 or $200. Anyone can. They are usually used by security experts to perform penetration testing, but they’re obviously easily abused by hackers as well. In this case, you can defend yourself from ordinary hackers and state-sponsored military hackers using the same methods.
  • “I’m not important enough to be targeted.” First of all, there are plenty of common thieves-turned-hackers out there who’d like to disagree with you. Picking pockets is so last decade. Why do that when you can hit thousands of potential targets all at once? If you have a bank account, you’re fair game. But we’re not talking about common thieves here – we’re talking about state-sponsored military intelligence. Chances are they have no reason to target someone like you, right? Well, perhaps. However, it can be difficult to predict who might want to target you specifically and why. From corporate espionage and excessive government surveillance to hackers working for foreign interests, there can be plenty of reasons to be targeted that you may not be aware of. By staying unsecured, you put yourself, your employer, and people around you at risk.

How to stay secure

Spearfishing can be tough to defend yourself again. It requires a good eye for fake email addresses or websites and a healthy dose of skepticism. Whenever you get an email to a page where you need to enter your password, consider these questions:

  1. Why do they need my password and why do they need it now?
  2. Do the website and sender’s email address look legitimate?
  3. Have I ever received a message like this before? Was it legit?
  4. If I have time, can I contact the real institution in question and confirm the validity of this email or request?

Protecting yourself from MITM attacks is much easier with a VPN. These are basically the attack that VPNs were designed to prevent! By encrypting your traffic, they block attackers from seeing your data and from redirecting you to fake websites. All you need to do is turn on your NordVPN app.

Daniel Markuson
Daniel Markuson Daniel Markuson
Daniel is a digital privacy enthusiast and an internet security expert. As the blog editor at NordVPN, Daniel is generous with spreading news, stories, and tips through the power of a well-written word.

Trending articles

blog feature test
Online habits

Apr 18, 2023

10 min read

How to tell if your Facebook has been hacked in 2023
Paulius Ilevičius

Paulius Ilevičius
blog feature test
Home security

Mar 30, 2023

10 min read

Ring hacked: Doorbell and camera security issues
Paulius Ilevičius

Paulius Ilevičius
blog feature test
Sensitive data

Jun 05, 2023

13 min read

WEP, WPA, WPA2, and WPA3: Differences explained
Irma Šlekytė

Irma Šlekytė

We value your privacy

This website uses cookies to provide you with a safer and more personalized experience. By accepting, you agree to the use of cookies for ads and analytics, in line with our Cookie Policy.