Russian Hackers Fooled the Keepers of US Drone Secrets Using the Oldest Trick in the Book

Photo of a Gray Eagle drone via AMRDEC

A new investigation by the Associated Press has revealed that a whopping 40 percent of 87 American defense contractors who were recently targeted by Russian hackers clicked on fake links sent to them via email, possibly exposing classified information in the process.

It’s no secret that both American and Russian intelligence agencies are constantly trying to hack each other’s emails. But what may be somewhat surprising is how easy it is to get people in sensitive jobs to click on sketchy phishing links. Especially when those links target their personal accounts.

“I clicked on it and instantly knew that I had been had,” retired Air Force general James Poss told the Associated Press while recounting a 2015 incident. The email was designed to look like a Google security alert, but it was actually a trap by a Russian-government hacking group, known in the US as Fancy Bear, to gain access to his messages.


Russian hackers have taken to targeting the personal email accounts of these individuals, most often Gmail, which is seen as having weaker defenses than official work accounts. And given the way our personal and business lives now blend together in a digital hodgepodge, even strictly personal emails can yield useful information to foreign adversaries.

From the Associated Press:

The AP identified the defense and security targets from about 19,000 lines of email phishing data created by hackers and collected by the U.S.-based cybersecurity company Secureworks, which calls the hackers Iron Twilight. The data is partial and extends only from March 2015 to May 2016. Of 87 scientists, engineers, managers and others, 31 agreed to be interviewed by the AP.

The Russians have been particularly interested in US drone technology over the last few years, targeting contractors who work on projects like the new-generation US Reaper made by General Atomics and the US Air Force’s uncrewed X-37B, an experimental spaceplane that spends years in orbit on secretive missions.

But there’s a strange angle to this story when US defense contractors get their email hacked and American law enforcement learns about it. Agencies like the FBI rarely tell the victims. Of the 31 Americans that the AP contacted who were targeted, just one reported that American officials warned them in the aftermath. One possible reason? There are simply too many Russian attacks to notify everyone who’s been hacked.


There’s absolutely no doubt that we’ve entered a new phase of the Cold War, something that many of us who lived through the 1990s thought might be over. And with America’s reliance on a seemingly endless list of private contractors, both large and small, for national defense, the Russians (not to mention the Chinese) have a target-rich environment online.

During World War II, the US military had a saying that “loose lips sink ships.” Allow us to propose a new saying: Sloppy phones crash drones.


[Associated Press]

Matt Novak is the editor of Gizmodo's Paleofuture blog



Holy fuck how was there not a cybersecurity test these people had to pass before they got clearance?