Fancy Bear is back to its old tricks of exploiting IoT and doing network recon

A new threat intelligence report was released this week by Microsoft, which claims to have detected resumed activity, in the form of Internet of Things (IoT) device compromise, from Russian hacking group Fancy Bear.

The group, alternatively known by its STRONTIUM or APT28 designations and thought to be an arm of Russian state intelligence, was found to have taken control of networked appliances such as printers as a way of pivoting deeper into the network. Once inside, the attackers would then find vulnerable, secluded portions of it to establish persistence and, finally, phone home to command and control servers. According to Microsoft’s findings, the attackers primarily targeted critical government or civic infrastructure including political, defense, medical, and engineering networks.

It is not clear whether the organizations whose networks were breached were the ultimate intended targets, or simply cover for hiding resources for later use. If the attribution to Fancy Bear is accurate, these reported intrusions would constitute the latest in a long string of attacks from the group that depend heavily on IoT compromise.

Fancy Bear is most famous for infiltrating the network of the Democratic National Committee in 2016, but their oeuvre is otherwise largely based on breaking into routers and other small network appliances. In 2017, the group turned its attention to hotel networks, which they seized control of by exploiting network equipment. The group followed that up with the VPNFilter attack last year, which also took over routers.

This recent pattern from Fancy Bear brings an evolving picture of the Russian state-sponsored hackers into sharper resolution. Whereas the group formerly appeared content to break into specific kinds of networks simply to monitor them, Fancy Bear’s attack on hotel Wi-Fi positioned them to spy on guests of those hotels. The IoT compromise that Microsoft detailed fits a new pattern of conducting reconnaissance on networks they breach and following up with corresponding next steps.

The fact that Fancy Bear’s predisposition toward IoT has not changed should come as no surprise, as the perennially weak security of this class of devices provides ample attack surface. It is for this reason that some of the biggest DDoS attacks to date have been executed by enormous global botnets of IoT devices, such as the Mirai botnet.

Jonathan Terrasi
Former Digital Trends Contributor
Jonathan has studiously followed trends in technology, particularly in information security and digital privacy, since 2014…