Microsoft Says, Russian Hackers Targeted European Research Groups

Microsoft Says, Russian Hackers Targeted European Research Groups

A group of hackers associated with Russian intelligence targeted civil society groups across Europe ahead of May elections there, Microsoft said on Tuesday.

The attacks, disclosed by Microsoft in a blog post, demonstrate the continuing spread of a broad online campaign aimed at disrupting real and potential political opponents of Russia’s president, Vladimir V. Putin. The company said it had found that hackers targeted more than 100 email accounts at think tanks and nongovernmental organizations that work on issues including election security, nuclear policy and foreign relations.

Microsoft didn’t address what country the attacks came from, but it blamed a group of hackers sometimes called Fancy Bear. Online security companies have identified Fancy Bear as a Russian group, and it is widely believed to be tied to Russian intelligence.

Fancy Bear was involved in the 2016 hacking of the Democratic National Committee in the United States, according to the party and security researchers. Last year, the American authorities indicted 12 Russian intelligence officers related to the hacks of the party headquarters and the Clinton presidential campaign.

Russian officials have denied that Moscow had any role in the hacking attempts.

Despite scrutiny of groups like Fancy Bear, the attacks have continued. Last year, the same hacking group similarly targeted Republican think tanks that had criticized President Trump before the midterm elections in the United States. Microsoft also detected those as part of its cybersecurity operations.

Increasingly the attacks have also targeted groups that are not directly involved in elections but seek to steer debate or focus on specific targets, as both the 2018 attacks and the new attacks disclosed in Europe show.

Microsoft said the latest attacks had taken place in advance of the European Parliament elections, which are set for May, “as well as several key national elections.”

The company said the attacks occurred between September and December and took the form of spearfishing campaigns. Spearfishing involves sending emails that appear to come from legitimate sources to get users to click the links inside. If a user clicks those links, hackers can install malware, steal passwords or conduct other online mischief.

"The attacks occurred between September and December 2018," said Tom Burt, Microsoft's corporate vice president of Customer Security & Trust. "We quickly notified each of these organizations when we discovered they were targeted so they could take steps to secure their systems, and we took a variety of technical measures to protect customers from these attacks."

The German Council on Foreign Relations, the European offices of the Aspen Institute and the German Marshall Fund of the United States were among the groups that were targeted and agreed to be disclosed, Microsoft said.

To know about latest happenings in technology industry check out other posts of GadgetsTricks.com
Thanks For Your Time