American tech giant Microsoft revealed this morning it has detected a wave of attacks against European democratic institutions as miscreants continue malware insertion attempts.
Helpfully coinciding with the announcement that Microsoft, staunch defender of all things democratic, would be rolling out its AccountGuard service, the team at Redmond said it had spotted attacks against 104 accounts of users working in European institutions.
The Microsoft Threat Intelligence Center (MSTIC) said the attacks targeted employees of the German Council on Foreign Relations, European offices of The Aspen Institute and The German Marshall Fund. The accounts were spread over Belgium, France, Germany, Poland, Romania, and Serbia.
The attacks are depressingly similar to those carried out against US institutions, with the usual suspects present and correct in the spear-phishing campaign: legit-looking email addresses and malicious URLs all aimed at slurping credentials and delivering malware.
European lawmakers warned last week that "malign actors" would be a factor in the upcoming European Parliament election, in a reference to meddling by the likes of Russia. Prominent German figures have also had their run-ins with hackers as personal data was spat out for all to see earlier this year.
The threat intel unit reckoned many of the attacks, which occurred between September and December 2018, came from a group Redmond called "Strontium". We'd like to think that's in reference to the long-running 2000 AD comic strip "Strontium Dog", created by John Wagner and the much-missed Carlos Ezquerra, and featuring a mind-reading mutant named Johnny Alpha. The reality is likely a little more prosaic.
Cult comics aside, Microsoft swiftly notified the affected organisations so steps could be taken to secure systems.
While hand-wringing continued over the potential for miscreants meddling in the electoral system, Microsoft also extended the AccountGuard technology in France, Germany, Sweden, Denmark, Netherlands, Finland, Estonia, Latvia, Lithuania, Portugal, Slovakia, and Spain. The US has enjoyed the service since 2018, and the UK was on the receiving end of the software giant's largesse in November.
More countries will be added to the programme over the coming months.
AccountGuard is a service Microsoft extends to pretty much anyone in supported regions who is involved in the democratic process, from candidates through to think-tanks and non-profit outfits. Enrolled users enjoy notification of attacks over personal and organisational systems as well as assistance from Microsoft in getting things secured and keeping them that way.
Assuming, of course, the organisations are signed up for Office 365. ®