The software company published a blog post today in which it said that it had thwarted a number of attempts from a group of hackers who tried to infiltrate European think tanks and nonprofit organizations in the final three months of last year. Some of the institutions targeted include the German Council on Foreign Relations, the Aspen Institutes in Europe, and the German Marshall Fund.
Microsoft says the common theme among the organizations targeted is that all are “working on topics related to democracy, electoral integrity, and public policy and that is often in contact with government officials.” The attacks targeted 104 employees of these organizations via spearfishing campaigns meant to trick the employees into giving up their login credentials so the hackers could infect the organizations with malware.
While Microsoft says it is still investigating the sources of the attacks, the company says that “we are confident that many of them originated from a group we call Strontium.” Strontium goes by another name, Fancy Bear, which is a group that has been linked to Russia and is the group that was reportedly behind the Democratic National Committee hack in the run-up to the 2016 U.S. presidential elections.
As for why Strontium may be targeting European think tanks now, it’s because many of these think tanks deal with European politicians who will be up for reelection to the European Parliament later this year.