A new report suggests the same hacking group believed to have hacked the Democrats during the recent presidential election also targeted Ukrainian artillery units over a two-year period, that if confirmed would add to suspicions they are Russian state operatives. The report, issued by cybersecurity firm CrowdStrike, said a malware implant on Android devices was used to track the movements of Ukrainian artillery units and then target them. The hackers were able to access communications and geolocations of the devices, which meant the artillery could then be fired on and destroyed. The report will further fuel concerns that Russia is deploying hacking and cyber-attacks as a tool of both war and foreign policy. The hack “extends Russian cyber-capabilities to the frontlines of the battlefield”, the report said. Russia gave military and logistical backing to separatists fighting against Ukrainian forces in east Ukraine, in a war that broke out in spring 2014. The application was designed for use with the D-30 122mm towed howitzer, a Soviet-made artillery weapon still in use today. The app reduced firing times from minutes to seconds, according to the Ukrainian officer who designed it. However, it appears that the Android app was infected with a Trojan.
CrowdStrike said open-source research suggested that during the two years of conflict, Ukrainian artillery forces lost 50% of all weaponry but over 80% of their D-30 howitzers. The higher than average loss suggests data gained from the hack was then used to target the artillery.
Research has shown that Russia shelled Ukraine from inside its own territory, as well as sending weapons and troops over the border. Officially, Russia denied any major role in the conflict.
The malware was a version of the type used in the hack of the Democratic National Committee, CrowdStrike believes, making it highly likely that Fancy Bear, a hacking group believed to be based in Russia, was the culprit. “The source code to this malware has not been observed in the public domain and appears to have been developed uniquely by Fancy Bear,” CrowdStrike said.