In context: A brand new hacking method raises considerations about how cyberwarfare and espionage proceed to evolve. As nation-state actors develop extra subtle strategies, the road between bodily and digital safety turns into more and more blurred.
Russian hackers have devised a extremely subtle methodology of breaching Wi-Fi networks from afar that researchers have dubbed the “nearest neighbor assault” because it permits hackers to infiltrate goal networks with out bodily getting near the premises.
The brand new method entails a multi-step course of that exploits vulnerabilities in neighboring networks to breach the supposed goal. As an alternative of risking detection by approaching the goal, as has been the norm in earlier Wi-Fi hacking makes an attempt, hackers can now orchestrate their assaults from a protected distance.
Cybersecurity firm Volexity found this unprecedented Wi-Fi hacking method whereas investigating a community breach focusing on a buyer in Washington, DC, in 2022. The corporate’s researchers traced the intrusion to a widely known Russian hacking group. by numerous nicknames, together with Fancy Bear, APT28 and Unit 26165, a part of the Russian army intelligence company GRU.
Wired notes that cybersecurity researcher Steven Adair revealed how his firm found this method on the Cyberwarcon safety convention held this week in Arlington, Virginia.
A “nearest neighbor assault” operates by way of a sequence of calculated steps. The hackers first breach a weak community in a constructing close to the supposed goal. They then acquire management of a laptop computer inside this compromised community. They use the machine’s Wi-Fi from there to breach the goal community. This methodology permits attackers to stay bodily distant whereas exploiting vulnerabilities within the native Wi-Fi community.
Within the case investigated by Volexity, the sophistication of the assault prolonged past a single hop. Investigators found proof of a series of Wi-Fi breaches involving as much as three separate networks earlier than reaching the ultimate goal. The success of the assault relied on a number of technical parts, together with credential exploitation, two-factor authentication bypass, and area identify leaking. The hackers have been very decided, in response to Volexity, and made a number of intrusion makes an attempt even after the preliminary discovery.
This system is an evolution of the GRU’s earlier “shut entry” hacking strategies. In 2018, officers caught Russian spies attempting to hack the Wi-Fi community of the Group for the Prohibition of Chemical Weapons in The Hague utilizing gear hidden within the trunk of a automotive. The “nearest neighbor assault” seems to reply on to the operational safety dangers uncovered by that incident.
This new assault vector presents vital challenges for cybersecurity professionals. Organizations should now contemplate the safety of neighboring networks as a part of their risk panorama. The flexibility to conduct these assaults from afar will increase the potential pool of attackers and makes it harder to establish who’s behind an assault.
In gentle of this new risk, cybersecurity consultants suggest a number of protecting measures, together with limiting Wi-Fi vary, obfuscating community names, implementing stronger authentication protocols, and monitoring Wi-Fi entry factors. , particularly these close to home windows or exterior partitions.
Cybersecurity consultants warn that assaults on nearer neighbors might turn out to be extra frequent. John Hultquist, a risk intelligence professional at Google-owned Mandiant, suggests this method represents a “vital enchancment” for close-in operations, and is probably going for use extra regularly by hackers.
Picture credit score: volexity
