Wednesday 20 February 2019 9:06 am

Microsoft opens up cyber security services in Europe in wake of fresh Russia attacks

Microsoft has expanded the reach of its cyber security service for political organisations in Europe, after detecting a fresh wave of attacks from Russian hackers.

The firm's vice president for customer security and trust Tom Burt said Microsoft's Threat Intelligence Centre (MSTIC) had discovered attacks on employees of the German Council of Foreign Relations, and European offices of the Aspen Institute and the German Marshall Fund.

Microsoft will be rolling out its Accountguard service to 12 new countries in Europe as a result, which offers threat detection and notification to organisations such as political parties and think tanks at no additional cost.

Read more: Hacker stereotypes 'exacerbate' UK's cyber security skills shortage

"The attacks against these organisations, which we’re disclosing with their permission, targeted 104 accounts belonging to organisation employees located in Belgium, France, Germany, Poland, Romania, and Serbia," said Burt.

"MSTIC continues to investigate the sources of these attacks, but we are confident that many of them originated from a group we call Strontium."

Strontium is Microsoft's internal name for Russian hacking network Fancy Bear, also known as APT 28. Microsoft identified Strontium as having been behind numerous attacks last year leading up to the US congressional elections.

Read more: Microsoft says Russia was behind several major US political group hacks

The software giant said the recent attacks occurred between September and December last year, and that targeted organisations were notified to take further security steps.

Burt said many organisations that are "essential to democracy" do not have the resources or expertise to defend themselves against cyber attacks. 

The news follows other preparations by tech giants ahead of European elections in May, such as Facebook and Twitter who have promised to be more transparent about political advertising.

Read more: Twitter rolls out political ad tracking tools in Europe

Twitter said yesterday it will clearly mark ads paid for by political organisations, and store information in a public database about who paid for them and which demographics they targeted.

Russia has been accused on multiple occasions of using tactics such as paid promotions to spread disinformation ahead of key elections, something which it has repeatedly denied.

Strontium has previously been linked to the Russian government. The country's Foreign Ministry called Microsoft's efforts in 2018 a "witch hunt", adding that it was "regrettable [for] a large international company, which has been working in the Russian market for a long time".