Microsoft revealed in a blog post on Tuesday that a group of Russian hackers is responsible for carrying out cyber attacks on European political research groups. Strontium, a Russian government agency-linked group, known as Fancy Bear, has targeted more than 100 accounts of employees based across European countries such as Belgium, France, Germany, Poland, Romania, and Serbia.
A series of cyber attacks targeted German Council on Foreign Relations, the Aspen Institutes in Europe, the German Marshall Fund and other organizations involved in democracy research, electoral integrity, and public policy by the Russian-linked cybercriminals. The workers who are affected by the attack are also in regular contact with government officials. It is believed that the attack is an effort to stir panic and influence the results of the upcoming elections in the European Union parliament.
“The attacks occurred between September and December 2018,” said Tom Burt, Microsoft’s corporate vice president of Customer Security & Trust. “We quickly notified each of these organizations when we discovered they were targeted so they could take steps to secure their systems, and we took a variety of technical measures to protect customers from these attacks.”
Fancy Bear, a Russian government-linked hacker group, rose to infamy after they attacked the Democratic National Committee in 2016, in which 12 hackers have infiltrated the organization’s servers to hijack emails from staffers to influence the presidential elections. In 2018, it infected more than half a million routers with malware and targeted groups in South America and Europe.
As a response to the latest attacks, Microsoft announced that it would make its AccountGuard cybersecurity service available for free to European groups using Office 365 software in 12 new markets as an added protection.
Organizations and research groups are urged to be more vigilant by the German Marshall Fund to protect their democracies as the European elections approach.
“The risk is not just for candidates and campaigns,” Karen Donfried, German Marshall Fund’s president, said in a blog post addressing Microsoft’s. “Organizations and individuals needed to be aware and prepared that malign forces, including sophisticated state actors, seek to exploit them in the digital space.”
The German Council on Foreign Relations confirmed the attack and welcomed Microsoft cybersecurity initiative. “We are, of course, concerned about our digital infrastructure and have therefore been implementing a range of measures to counter further such risks,” a spokesperson said in an emailed statement. “It is also our view as a foreign policy organization and thinks tank that the issue of cyber attacks should receive strong political and public attention.” /apr