Russian state-linked hackers are increasing their efforts targeting governments in Europe, a top cybersecurity firm has warned ahead of the European Parliament elections in May.
Among the two groups involved is Fancy Bear, otherwise known as APT28, which played a role in the hacking of the US Democratic Party ahead of the 2016 presidential election, the firm FireEye said. The other group is known as Sandworm Team.
FireEye said it had observed an uptick in the targeting of European government departments and agencies since mid-2018. The hackers have also targeted media outlets in France and Germany, FireEye added.
“The groups’ most common method of initial compromise is spear phishing, which involves sending emails to targets with the intention of prompting them to click a malicious link or attachment. This can deliver a malicious document or link to a fake login site used to steal passwords,” FireEye said in a statement.
The same method was used by Fancy Bear to break into the personal email account of John Podesta, Hillary Clinton’s campaign chairman, in 2016. Those emails were later released by WikiLeaks.
Russian leaders have consistently denied many of the hacks attributed to Moscow, including allegations that it meddled in the 2016 US presidential elections.
David Grout, FireEye’s chief technology officer in Europe, told CNN on Friday the hackers’ efforts could be just information gathering, “or it could lead to a leak that would be damaging for a particular individual or group.”
“Either way, with two months to go until the European elections, governments should be vigilant about the threats they face in cyberspace,” Grout added.
Microsoft announced last month that it was rolling out a service that political candidates and campaigns in Europe could use to help protect themselves ahead of May’s European Parliament elections.