Russian rogue cell sites, spy drones target NATO troop smartphones, says report

Key Points
  • Moscow's smartphone campaign targeted at least 4,000 NATO troops in Eastern Europe, including U.S. soldiers, according to the Wall Street Journal.
  • Russia wants troop numbers on NATO bases, and hacking into soldiers' personal smartphones allows it to keep tabs on force strength.
  • Drones with surveillance equipment as well as rogue access points on the ground give Russia the capability to track or hijack smartphones.

There are signs Russia hacked into the personal cellphones of NATO soldiers and tried to obtain sensitive military information such as troop numbers, according to a report.

The smartphone hacking campaign by Russia targeted a group of at least 4,000 NATO troops in Eastern Europe, including soldiers stationed in Poland and Baltic states such as Estonia, according to The Wall Street Journal.

According to the Journal, Moscow has been attempting to monitor troop numbers on NATO bases, and hacking into soldiers' personal smartphones allows it to keep tabs on force strength. The snooping also yields other operational information, as well as personal details on soldiers that can be used for intimidation.

The equipment used included drones with sophisticated surveillance equipment as well as rogue access points on the ground, apparently to track or hijack smartphones. The Journal said the use of advanced drones suggests the activity was by a state-sponsored group.

"We call smartphones the most vulnerable computing device in an organization," said John Michelsen, the chief technology officer of Zimperium, a Dallas-based mobile security firm with government and corporate clients. "There are so many ways to compromise a mobile device — many more than a typical desktop or server."

Moreover, Michelsen told CNBC that specialized apps built to connect mobile phones to network systems in large organizations can also be vulnerable and allow hackers to breach firewalls. "When compromised, the hacker has the same access to those systems that the apps do," he said.

Lt. Cdr. Davide Galli, spokesman at NATO headquarters in Brussels, told CNBC: "We have seen attempts to undermine troops deployed in this part of our Alliance, but our personnel are well-equipped to perform the mission at hand, despite hybrid challenges. The kind of attacks are often complex and sophisticated, therefore it's not always possible to determine all factors in an unequivocal way."

Galli said the troop presence in the eastern part of the alliance is defensive in nature, but added "we are taking all necessary measures to protect the mission, including our networks. Allies are also training their personnel to be vigilant as part of their daily routines, including online."

The Journal quoted a U.S. military officer by name whose smartphone was targeted this year and who was aware of at least six other soldiers under his command whose phones or Facebook accounts were hacked.

CNBC reached out to the Pentagon and Facebook for comment.

In July, the Government Accountability Office issued a report that highlighted "numerous security risks" of internet-capable devices, including smartphones and wearable fitness devices. The federal agency pointed out that the operational risks identified by the Department of Defense included smartphones, both personal and DoD-issued devices, that can be installed with "rogue applications" and "take pictures or record the user's locations."

In the case of the military, Michelsen said bad actors can deploy malware to "make that phone a weapon out in the field or on a base." For example, the infected phone when on a NATO base could "connect to NATO's network and now that phone is a weapon being used by a hacker."

Compromising smartphones and other mobile devices also opens the door for Russian intelligence and others to exploit software vulnerabilities to turn on device microphones for eavesdropping on conversations or to take pictures for nefarious purposes.

The Journal quoted a commander at a NATO base in Poland, U.S. Army Lt. Col. Christopher L'Heureux. His personal iPhone was hacked over the summer, and the paper said the cyber attackers tried "to breach a second layer of password protection through a Russian IP address."

"They were geolocating me, whoever it was," said the colonel, according to the paper. "I was like, 'What the heck is this.'"

The Army officer also pointed out others under his command in Poland were hacked and suggested the incidents were the work of Russian intelligence keen on cracking passwords and intimidating allied soldiers.

The report also pointed out that hacking can be used by adversaries to "sow confusion" by sending out false instructions to troops.

In Estonia, near the Russian border, there also were cases of NATO soldiers' personal smartphones doing "strange things," the Journal said. "A probe indicated Russia had used a portable telephone antenna to gain access to phones in the area," the Journal said, quoting information from an unnamed base officer.

Several NATO soldiers were casually approached in public locations by a Russian agent with information about their family and other personal details — all for purposes of intimidation. Some of the information may have been obtained through hacking into their email, contacts or other personal information.
