A string of cyber attacks has NATO soldiers deployed in Eastern Europe scrambling to secure their online accounts and mobile devices. The attacks have targeted the iCloud accounts, Facebook pages, and cell phones of about 4,000 NATO troops. The methods used in the attacks are relatively simple, but could expose classified data about troop movements and mission plans.
The incidents are believed to involve simple tactics like the Find My iPhone attack, phishing links, or fake social media profiles. These are common among simple criminals and basement hackers and are much less advanced than some previous attacks. The affected soldiers are stationed very close to the Russian border which has US officials believing there may be a political motive behind the hacks.
The Wall Street Journal, citing those US officials, believes drones may have also been used to simulate cell towers in a Stingray-like attack. If successful, this would give the attacker access to phone contacts, messages, call details, and other mobile network usage.
So far, six soldiers have confirmed that they were hacked with many more likely to come once further details are examined. They have had their contacts wiped and their locations tracked back to Russian IP addresses in Moscow.
Russia has used similar covert and low-level attacks in the past to spy on or hinder their enemies. Previous attacks have used Twitter posts with embedded malware links to target the Department of Defense, phishing attacks to steal secrets from the Clinton campaign, and other reported attacks against the Macron campaign in France.