SHARE
COPY LINK

DATA

Microsoft warns of hacker attacks on Germany, EU elections

Tech giant Microsoft said Wednesday it had detected hacker "attacks" ahead of European Parliament and national elections in the EU, in a warning to civil society groups, politicians and campaigns.

Microsoft warns of hacker attacks on Germany, EU elections
Photo: DPA

The firm said a group it calls Strontium was behind the attacks, known to
security firms and government agencies as Fancy Bear or APT28 and widely believed to be linked to Russian intelligence.

“At Microsoft, we've seen recent activity targeting democratic institutions in Europe,” security chief Tom Burt wrote in a blog post.

“Attacks are not limited to campaigns themselves but often extend to think
tanks and non-profit organizations working on topics related to democracy, electoral integrity and public policy and that are often in contact with government officials,” he added.

APT28 has previously targeted the German parliament, or Bundestag, including in the summer of 2017 before countrywide elections.

SEE ALSO: The ongoing cyber attack on Germany's government – what we know so far

SEE ALSO: Security crisis: hackers invade German government's data network

Among others, Microsoft found the hackers targeted 104 employee accounts from well-known groups the German Council on Foreign Relations, the Aspen Institutes in Europe and the German Marshall Fund (GMF) between September and December 2018.

The hackers deployed so-called “spearphishing” tactics — using targeted
fake emails or websites to try and harvest workers' credentials and gain access to computer systems.

Among the targets were employees based in EU members Belgium, France, Germany, Poland and Romania as well as non-member Serbia.

“Organizations and individuals need to be aware and prepared that malign forces, including sophisticated state actors, seek to exploit them in the digital space,” GMF president Karen Donfried said in a blog post.

“It is more important than ever that we be vigilant to protect our democracies from foreign interference, including online.”

The Old Continent faces a string of votes in the coming months, including
European Parliament elections in May, parliamentary polls in Estonia, Finland and Belgium and presidential ballots in Slovakia, Ukraine and Lithuania.

“It is highly likely that foreign powers will target many of these elections,” former NATO secretary-general and Danish prime minister Anders Fogh Rasmussen warned last week at the Munich Security conference

Attacks could come “either by breaking into electoral systems, covertly supporting candidates or in getting toxic news in traditional and online media,” he added.

Former US vice president Joe Biden backed Rasmussen in warning of “cyber attacks, dark money influence operations and disinformation” used by “Russian but also other actors”.

Member comments

Log in here to leave a comment.
Become a Member to leave a comment.

INTERNET

Germany’s top court restricts state access to online data

Germany's highest court on Friday said security services had too much unfettered access to people's online data and ordered legislation to be revised to set higher hurdles.

Germany's top court restricts state access to online data
Photo: DPA

German intelligence services and police agencies currently have the right to ask telecom and internet companies for user info ranging from names and birth dates to passwords and IP addresses, to help their investigations in areas like counterterrorism and cyber crime.

But the Constitutional Court in Karlsruhe agreed with complaints brought by privacy activists that the access to data was excessive and an unconstitutional violation of citizens' right to telecom privacy.

READ ALSO: German medical probe finds millions of records freely available online

In their ruling, judges said the current powers to retrieve data were “disproportionate”.

“It cannot be permissible to indiscriminately request information on data,” they said.

Judges said they agreed that intelligence bodies sometimes needed to pull personal data from smartphones or other devices to maintain public security.

But they said this should only be done in cases of “a specific danger” or “an initial suspicion of criminal conduct” in the context of an investigation, and not to facilitate investigators' work “in general”.

German legislators have until the end of 2021 to amend the telecommunications law to include “thresholds for the use of these powers”.

The ruling comes in response to several lawsuits, including one by Patrick Breyer, an MEP from Germany's Pirate Party that campaigns for internet freedoms.

More than 6,000 people signed a petition backing his complaint.

SHOW COMMENTS