Russia’s Fancy Bear Hackers Are Hitting US Campaign Targets Again
The Russian military intelligence hackers known as Fancy Bear or APT28 wreaked havoc on the 2016 election, breaking into the Democratic National Committee and Hillary Clinton's campaign to publicly leak their secrets. Ever since, the cybersecurity community has been waiting for the day they would return to sow more chaos. Just in time for the 2020 election, that day has come. According to Microsoft, Fancy Bear has been ramping up its election-targeted attacks for the past full year.
On Thursday, Microsoft published a blog post revealing that it has seen Russia's Fancy Bear hackers, which Microsoft calls Strontium, targeting more than 200 organizations since September 2019. The targets include many election-adjacent organizations, according to researchers at Microsoft's Threat Intelligence Center, including political campaigns, advocacy groups, think tanks, political parties, and political consultants serving both Republicans and Democrats. Microsoft named the German Marshall Fund of the United States and the European People's Party as two of the hackers' targets. The company otherwise declined to publicly name victims or say how many of the attempted intrusions had been successful, though it said that its security measures had prevented the majority of attacks.
"The activity we are announcing today makes clear that foreign activity groups have stepped up their efforts targeting the 2020 election as had been anticipated," Microsoft's blog post reads. "Microsoft has been monitoring these attacks and notifying targeted customers for several months, but only recently reached a point in our investigation where we can attribute the activity to Strontium with high confidence."