Microsoft Says Russia-Linked Hacking Group
Targeted European Think Tanks, NGOs
February 21, 2019
Software giant Microsoft says it has uncovered a series of cyberattacks by hackers linked to Russia targeting democratic institutions, think tanks and nonprofit organizations in Europe, highlighting concerns of possible interference in European Union elections in May.
The attacks occurred between September and December, targeting employees of the German Council on Foreign Relations and European offices of The Aspen Institute and The German Marshall Fund, the company said in a blog post.
Microsoft said the activity targeted more than 100 employee accounts in Belgium, France, Germany, Poland, Romania, and Serbia. The attacks were discovered through Microsoft's Threat Intelligence Center and Digital Crimes Unit, the company said.
Many of the attacks originated from Strontium, one of the world's oldest cyberespionage groups, which has been previously associated with the Russian government.
Strontium has also been called APT 28, Fancy Bear, Sofancy, and Pawn Storm by a range of security firms and government officials.
Security firm CrowdStrike has said the group may be associated with the Russian military intelligence service, the GRU.
Microsoft's cybersecurity service AccountGuard will be expanded to 12 new markets in Europe including Germany, France, and Spain, to help customers secure their accounts, the company said.
The AccountGuard service will also be available in Sweden, Denmark, Netherlands, Finland, Estonia, Latvia, Lithuania, Portugal, and Slovakia.
The announcement comes as EU officials are bracing for attempted meddling ahead of the blocís elections in May, when far-right parties appear set to make gains.