Microsoft has accused Russian hacking group Fancy Bear of launching a series of recent attacks against think tanks in Europe. Cybersecurity is a major concern ahead of European parliamentary elections in May.
Microsoft warned in a blog post on Wednesday that hackers attempted to breach accounts at several prominent European think tanks and non-profit organizations in late 2018.
The tech giant said it had detected attacks targeting 104 staff accounts at the German Council on Foreign Relations and European offices of Aspen Institute and the German Marshall Fund.
Microsoft added it was “confident” many of those attacks, which took place between September and December last year, were staged by a group it called Strontium — also known as Fancy Bear, APT28 and other names.
Links to Russia
The cyber espionage group is believed to be affiliated with Russian military intelligence, and is perhaps best known for hacking the Democratic National Committee during the 2016 US presidential elections. The group’s attack on Germany’s lower house of parliament in 2015 resulted in a data breach.
In the recent incidents announced by Microsoft, hackers apparently used malicious websites and spoofed emails to try and gain access to the credentials of employees located in Belgium, France, Germany, Poland, Romania and Serbia.
The organizations they targeted largely focus on transatlantic policy issues, democracy and electoral integrity, and are seen as valuable for hackers as they often have close contact with government officials.
European leaders have voiced concerns about the threat of cyber attacks in the lead-up to crucial European parliamentary elections in May. Officials say gaps in security still need to be addressed before 350 million voters across the EU head to the polls.
Microsoft also used its blog post to announce it was making its cybersecurity service AccountGuard available to 12 new markets in Europe, including Germany, France and Spain.