Microsoft Corp on Wednesday said it had discovered hacking targeting democratic institutions, think tanks and non-profit organizations in Europe and plans to offer a cyber security service to several countries to close security gaps.
The hacks occurred between September and December 2018, targeting employees of the German Council on Foreign Relations and European offices of The Aspen Institute and The German Marshall Fund, the company said.
Microsoft said it found out about the hacks through the company’s Threat Intelligence Center and Digital Crimes Unit, and the hacks targeted 104 employee accounts in Belgium, France, Germany, Poland, Romania, and Serbia.
Hackers in most cases create malicious weblinks and spoofed email addresses that look legitimate, aiming to gain access to employee credentials and deliver malware, the company said.
Microsoft said many of the attacks originated from a group called Strontium, which the company has previously associated with the Russian government.
Strontium, one of the world’s oldest cyber espionage groups, has also been called APT 28, Fancy Bear, Sofancy and Pawn Storm by a range of security firms and government officials. Security firm CrowdStrike has said the group may be associated with the Russian military intelligence agency GRU.
Microsoft said it will offer its cyber security service AccountGuard to 12 new markets in Europe including Germany, France and Spain to help customers secure their accounts.
The AccountGuard service will also be available in Sweden, Denmark, Netherlands, Finland, Estonia, Latvia, Lithuania, Portugal and Slovakia.
Microsoft’s move highlights the growing effort by social media companies like Facebook Inc and Twitter Inc to bring more transparency around political content and advertisements, and halt the spread of misinformation on their platforms.
In the U.S., Special Counsel Robert Mueller is investigating Russia’s role in the 2016 election and whether the campaign of President Donald Trump colluded with Moscow. Russia denies meddling in the elections while Trump has denied any collusion.
Ahead of a critical European Parliament election in May, German officials are trying to bolster cyber security after a far-reaching data breach by a 20-year-old student laid bare the vulnerability of Europe’s largest economy.