Russian Hackers Hitting European Democratic Institutions, Warns Microsoft

Microsoft is offering cyber protection services after it warned that a Russian hacking group has attacked multiple targets in Europe.

Microsoft said it had detected attacks against employees of multiple think tanks and non-profit organisations working on topics related to democracy, electoral integrity, and public policy. These attacks had affected staff in Belgium, France, Germany, Poland, Romania, and Serbia.

The attacks come before the European Parliament elections, as well as several key national elections across the continent.

European targets

Microsoft said that it was critically important that organisations underpinning the democratic process have access to state-of-the-art cybersecurity protection, in light of the “nation-state attacks” of the past two years, including the hacking and disinformation attacks on the French presidential election in 2017.

“Today we’re announcing the expansion of Microsoft AccountGuard to twelve new markets across Europe (France, Germany, Sweden, Denmark, Netherlands, Finland, Estonia, Latvia, Lithuania, Portugal, Slovakia, and Spain), providing comprehensive threat detection and notification to eligible organisations at no additional cost and customised help to secure their systems,” said Microsoft.

It cited the ongoing cyberattacks against European organisations, as evidenced last month when a 20 year old hacked personal data belonging to hundreds of German politicians, celebrities and public figures in that country.

“At Microsoft, we’ve seen recent activity targeting democratic institutions in Europe as part of the work our Threat Intelligence Center (MSTIC) and Digital Crimes Unit (DCU) carry out every day to protect all of our customers,” said the software giant.

“These attacks are not limited to campaigns themselves but often extend to think tanks and non-profit organisations working on topics related to democracy, electoral integrity, and public policy and that are often in contact with government officials,” it said.

Microsoft said for example that it had recently detected attacks targeting staff of the German Council on Foreign Relations, The Aspen Institutes in Europe and The German Marshall Fund.

The attacks targeted 104 accounts belonging to staff located in Belgium, France, Germany, Poland, Romania, and Serbia.

“MSTIC continues to investigate the sources of these attacks, but we are confident that many of them originated from a group we call Strontium,” it said.

Russian hackers

Strontium has been linked to the Russian government or the Russian military intelligence agency GRU (depending on which security firm you talk to).

Strontium is also known by a number of other names including APT 28, Fancy Bear, Sofancy and Pawn Storm.

Microsoft said these attacks are similar to attacks against US-based institutions, and in most cases involves the creation of malicious URLs and spoofed email addresses that look legitimate.

“These spearphishing campaigns aim to gain access to employee credentials and deliver malware,” said the firm. “The attacks we’ve seen recently, coupled with others we discussed last year, suggest an ongoing effort to target democratic organisations. They validate the warnings from European leaders about the threat level we should expect to see in Europe this year.”

Last August Microsoft claimed victory after it said it thwarted a cyber attack by Strontium. That attack targetted US conservative groups including the International Republican Institute and the Hudson Institute think tanks.

But Microsoft stopped it when its security staff gained control of six net domains mimicking their websites.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Ericsson To Cut 1,200 Jobs in Sweden Amid ‘Challenging’ Market

Swedish telecoms giant Ericsson blamed “challenging mobile networks market” and “further volume contraction” for job…

18 hours ago

FTX’s Sam Bankman-Fried Sentenced To 25 Years In Prison For $8bn Fraud

Dramatic downfall. Sam Bankman-Fried sentenced to 25 years in prison for masterminding $8bn fraud that…

19 hours ago

Elon Musk Orders FSD Demo For Every Tesla US Sale

Fallout avoidance? Tesla buyers in the US must be shown how to use the FSD…

20 hours ago

Amazon Pumps Another $2.75 Billion Into Anthropic

Amazon completes its $4bn investment into AI firm Anthropic, after providing an additional $2.75bn in…

22 hours ago

The Sustainability of AI

While AI promises unparalleled efficiency, productivity, and innovation, questions regarding its environmental impact loom large.…

1 day ago