Soldiers and officials of North Atlantic Treaty Organization (NATO) member countries deployed in eastern Europe are being victimized by targeted hacks that aim to compromise their smartphones, the Wall Street Journal reported.
The nearly 4,000 NATO troops positioned near the Russian border have experienced a number of cyberattacks, including efforts to hijack social media accounts and attempts to launch phishing-style campaigns using iCloud.
According to the report, a United States Army lieutenant colonel stationed at the NATO base in Poland experienced a hacking attempt earlier this year that resulted in his iPhone being breached.
A secondary layer of protection prevented the device from being compromised, but the soldier reported receiving a message informing him that someone was trying to access his iPhone. The IP address of the attacker was located in Moscow—though that location could have been spoofed create confusion.
Soldiers located near the Russian border in Estonia reported experiencing strange activity on their mobile devices, including information stored on their phones suddenly being erased without permission, just days prior to additional troops from France and Britain arriving in the region.
In some instances, troops in the Baltic states reported being targeted by a Stingray-like device that was used to collect information off of their mobile devices. Stingrays are a controversial phone surveillance tool that mimic carrier cell towers and collect data from devices that connect to the fake network connection.
A U.S. soldier located in Latvia reported being approached by a stranger who casually started sharing information about the soldier’s life, including information about family members. A similar incident occurred with a U.S. soldier while riding a train in Poland.
The Wall Street Journal reported at least six cases of individual soldiers being targeted in the hacking attacks.
“This might be the clearest example yet of how our reliance on networks and connected devices has created new threats to national security,” Bill Leigher, the Director of Government Cyber Solutions at defense and cybersecurity firm Raytheon told International Business Times.
Leigher, a retired Navy Admiral, said the attack falls within the realm of cybersecurity but is, at its heart, a classic military-grade information operations campaign.
“it shows how those operations are being carried out through Facebook, news sites and now smartphones. This should make it clearer than ever that nation-states have brought the fight to new terrain — our commercial networks and the devices people use every day,” he said.
Given the location of the troops who are experiencing the problems and the belief among intelligence officials from the U.S. and other western nations that the attacks—which utilized technology that is typically not accessible to the general public—were backed by a government entity, it seems likely that the attacks are being carried out by Russia.
For the Russian government, there is important information stored on the mobile devices that may provide them insight into the NATO operation. The devices may hold sensitive military information and could provide insight into the strength of the force in the region.
The attacks can also serve as a piece of psychological warfare. Russian agents could theoretically send soldiers messages with false information or spoof contacts in order to send messages that appear to be from a trusted source in order to compromise a soldier.
The cyber attacks on NATO soldiers would not be the first time the mobile devices of troops in the region have been targeted. Earlier this year, Ukrainian soldiers reported receiving threatening text messages from Pro-Russian separatists who have managed to hijack cell networks in the embattled country—an incident that was also attributed to the Russian government.
In both that instance and the recent attacks against NATO troops, Russia has denied any involvement in the campaigns.