NATO soldiers deployed to eastern Europe are scrambling to defend against smartphone hacks. The Wall Street Journal is reporting a new string of phone and account hacks launched against deployed US troops, targeting iCloud, Facebook, and even individual devices. Most of the attacks are not particularly sophisticated, but they could be enough to give away troop movements or other sensitive data if successful.
So far, the attacks have focused on the 4,000 NATO troops currently deployed in eastern Europe near the Russian border, suggesting a geopolitical motive behind the attacks. The Journal confirmed at least six individual soldiers who have suffered hacks, ranging from a compromised Facebook account to a phony “Find my iPhone” request. Another attack seemed to indicate a Stingray-like device harvesting contact information and deleting data from nearby phones.
The Journal attributes the attack to Russian state actors, citing U.S. officials who believe drones and other sophisticated techniques were involved. However, many of the specific attacks described in the piece would be within reach for a common criminals. Find my iPhone attacks are common among online vandals, often wiping or locating phones once an iCloud password is compromised.
It wouldn’t be the first time one of Russia’s enemies found themselves overwhelmed by low-level digital attacks. Earlier this year, a Russia-linked campaign sent malware-laced Twitter messages to more than 10,000 employees of the Department of Defense, allowing attackers to take control of any device that followed the attached link. Russian hackers used phishing techniques to steal and leak data from the Clinton campaign in the 2016 election, an attack the Director of National Intelligence believes was personally directed by Vladimir Putin. Similar attacks were also reported against the Macron campaign in France earlier this year.