- A Microsoft
store is pictured in New York City, New York, US, August 21, 2018.
Reuters
A group of hackers associated with Russian intelligence targeted
civil society groups across Europe ahead of May elections there, Microsoft said
Tuesday.
The attacks, disclosed by Microsoft in a blog post, demonstrates
the continuing spread of a broad online campaign aimed at disrupting real and
potential political opponents of Russia’s president, Vladimir Putin. The
company said it had found that hackers targeted more than 100 email accounts at
think tanks and nongovernmental organisations that work on issues including
election security, nuclear policy and foreign relations.
Microsoft did not address what country the attacks came from, but
it blamed a group of hackers sometimes called Fancy Bear. Online security
companies have identified Fancy Bear as a Russian group, and it is widely
believed to be tied to Russian intelligence.
Fancy Bear was involved in the 2016 hacking of the Democratic
National Committee in the United States, according to the party and security
researchers. Last year US authorities indicted 12 Russian intelligence officers
related to the hacks of the party headquarters and the Clinton presidential
campaign.
Russian officials have denied that Moscow had any role in the
hacking attempts.
Despite scrutiny of groups like Fancy Bear, the attacks have
continued. The same hacking group last year similarly targeted Republican think
tanks that had criticised President Donald Trump in advance of the midterm
elections in the United States. Microsoft also detected those as part of its
cybersecurity operations.
Increasingly the attacks have also targeted groups that are not
directly involved in elections but seek to steer debate or focus on specific
targets.
Microsoft said the attacks occurred between September and December
and took the form of spearfishing campaigns. Spearfishing involves sending
emails that appear to come from legitimate sources to get users to click the
links inside. If a user clicks those links, hackers can use that to install
malware, steal passwords or conduct other online mischief.
The German Council on Foreign Relations, the European offices of
the Aspen Institute and the German Marshall Fund of the United States were
among the groups Microsoft said were targeted and agreed to be disclosed, the
company said.
In a statement on its website, the German Marshall Fund said
groups beyond candidates and their political campaign managers must be
increasingly vigilant.
“Everything we do as an organisation, from our policy research to
our work strengthening civil society, is dedicated to advancing and protecting
democratic values,” it said. “The announcement serves as a reminder that the
assault on these values is real and relentless.”
The other groups could not immediately be reached for comment
Tuesday.
The targeted research institutes have done work related to issues
important to Russian policy and its continuing use of misinformation to
influence elections. The German Marshall Fund, for example, has investigated
Russia’s use of social media to spread political messages in its favor in
various elections in Europe. The German Council on Foreign Relations has
published reports related to arms control and the North Atlantic Treaty
Organization, which has been at odds with Russia.
Microsoft has been tracking the increase in hacking attempts by
nation states, including Russian actors, as part of its Defending Democracy
Program, which it announced last year to provide protection to candidates,
political parties and nongovernmental organisations working in the field of
elections.
It said it was expanding its AccountGuard cybersecurity service
free to campaigns and nongovernmental organisations that use its Office 365
software in 12 new European markets to protect against these kinds of hacks.
Microsoft executive Tom Burt said in the blog post that Europe was
the birthplace of democracy and that “as the ongoing attacks demonstrate, this
idea is increasingly under threat.”
© 2019 New York Times News Service
Posts
No comments:
Post a Comment