Microsoft warns EU on election hack threat
-
Russia-linked hacker group hacker targeted three major European think-tanks last year (Photo: Tirza van Dijk)
Russian hackers posed a threat to EU elections, US tech giant Microsoft has warned, amid fresh revelations of cyber-attacks against European targets.
"The attacks we've seen recently ... suggest an ongoing effort to target democratic organisations," Tom Burt, the firm's vice-president, said in his blog on Wednesday (20 February).
Join EUobserver today
Become an expert on Europe
Get instant access to all articles — and 20 years of archives. 14-day free trial.
Choose your plan
... or subscribe as a group
Already a member?
"They validate the warnings from European leaders about the threat level we should expect to see in Europe this year," he added, as Europe prepared for European Parliament elections in May.
The US firm revealed the same day that a hacker group had targeted three major European think-tanks: The German Council on Foreign Relations; The Aspen Institutes in Europe; and The German Marshall Fund.
The hackers tried to install malware in their systems by sending emails with dodgy links to 104 employee accounts in Belgium, France, Germany, Poland, Romania, and Serbia between September and December last year, it said.
Russia has denied previous allegations of hacking pro-EU targets in France and Germany and Microsoft's Burt did not directly name Russia in his blog post.
But he said the hacker group was called Strontium - Microsoft's moniker for a group which has also been called APT 28, Fancy Bear, and Pawn Storm by other investigators and which, according to German authorities, among others, acts as a front for Russian intelligence.
"State-controlled groups like APT 28 are ... continually active," the German Federal Office for Information Security told the Reuters news agency on Wednesday.
The German Council on Foreign Relations said it had been penetrated "for a limited time" last year.
Andrew Kolb, a spokesman for the German Marshall Fund, told US newspaper The Washington Post that "we've had a programme for the last roughly two years that has focused specifically on authoritarian interference online and a lot of that has meant looking at Russia".
"We sort of assume we're going to be subject to these kinds of attacks at any time," he said.
Aspen Germany said in a statement that the Microsoft revelations were "a wake-up call".
"In the run-up to May 2019 European elections, it is incumbent on all responsible players in European democracy to remain vigilant," it said.
The US tech firm also tried to cash in on its warning by offering its cyber security services to 12 new markets in the EU.
Its so-called AccountGuard service was already available in Ireland and the UK.
But it was now for sale also in Denmark, Estonia, Finland, France, Germany, Latvia, Lithuania, the Netherlands, Portugal, Slovakia, Spain, and Sweden Microsoft's Burt said.