Microsoft has declared that the hackers have targeted think tanks from Europe as well as non-profit organizations who, incidentally, are in close communications with officials from the government.
The company expressed using a blog post last Wednesday that the hacking was done in the previous year using phishing campaigns that were meant to steal employees’ credentials and spread malware.
The tech firm also noted that the websites and email addresses appeared legitimate enough to fool the employees from the German Council on Foreign Relations. The workers from The German Marshall Fund and offices of The Aspen Institute in Europe were also victimized using the same methods.
Tom Burt is the one who posted the letter in the blog post; Burt is the Corporate Vice President for Customer Security and Trust in Microsoft. He wrote in the message that the offense against the organizations affected 104 accounts, which belonged to employees all over the world and in countries such as Germany, France, Belgium, Romania, Serbia, and Poland. Burt also added that the information was disclosed with the consent of the companies.
Hamilton 68, a tool run by The German Marshall Fund was made to track Russian propaganda along with their disinformation efforts on the internet. The company president, Karen Donfried, stated that the attacks were not a surprise at all. She also added that anything and everything that their organization does is done with dedication for the advancement and protection of democratic values. She also emphasized how the announcement will serve as proof about the reality and relentlessness of the attacks.
A German Council on Foreign Relations spokesperson confirmed the organization’s history of being targeted when it comes to cyber attacks in the last year. They also refused to speak further at the moment about the issue to be cautious. They also hinted about think tank’s “range of measures” meant to defend itself from future risks.
The Executive Vice President for Policy Programs, Public Programs and International Partners from The Aspen Institute, Elliot Gerson, stated the think tank’s recent awareness about the attempts to jeopardize its European counterparts, which are considered to be independent affiliates.
In an interview, Gerson said that the attempts should serve as an alarm for them to unite and protect the different organizations from those that are a threat to their work.
Although the investigation is still ongoing, Microsoft has released a statement blaming the group called “Strontium,” or better known as “Fancy Bears” for the majority of the attacks. The same group is also linked to Russia and was said to be responsible for the hackings in the Democratic National Committee, right before the U.S. presidential elections in 2016.
The tech company also stated the period of the attacks happened in the fourth quarter of 2018. The organizations involved were immediately notified to prepare countermeasure, even going so far as to offer the Microsoft AccountGuard, a cybersecurity service.
Microsoft provided these services to protect the political parties and candidates, as well as campaign offices, for free.