Microsoft warns of hacking ahead of elections

Launching defense services in Europe.

Ahead of the European Parliament elections in May, Microsoft is expanding its election defense service to 12 European countries in an effort to combat both present and future cyber attacks.

The move comes after numerous security breaches compromised democratic elections and institutions across Europe. During the 2017 French presidential election, hackers leaked more than nine gigabytes of emails from then-candidate Emmanuel Macron’s campaign in an act of sabotage.

Then between September and December 2018, cyber attacks landed on European think tanks and nonprofits. Attempts were made on The Aspen Institutes in Europe, the German Council on Foreign Relations and the German Marshall Fund, using phishing scams and faked email addresses to trick political workers. The attacks compromised 104 workers accounts in European democratic institutions.

“The attacks we’ve seen recently, coupled with others we discussed last year, suggest an ongoing effort to target democratic organizations,” said Microsoft Corporate vice president Tom Burt in a detailed blog post. “They validate the warnings from European leaders about the threat level we should expect to see in Europe this year.”

Burt said Microsoft saw the attacks through their Threat Intelligence Center and Digital Crimes Unit, and contacted the organizations at risk. Microsoft believes the attacks came from a hacking collective called Strontium, also known as Fancy Bear. Strontium is a Russia-affiliated group best known for hacking the Democratic National Convention in 2006. Microsoft has kept close tabs on the group since then, stopping an attempt by Strontium in 2018 to hack the U.S. Senate ahead of the midterms.

AccountGuard, the defense service being made free, was launched before the 2018 U.S. midterms to keep foreign interference out. Now the technology will be free to European political workers using Office 365 in countries like France, Germany, Spain and Denmark. The service was previously available in Ireland and the U.K., and Microsoft plans to expand the service across Europe in the coming months.

“Many organizations essential to democracy do not have the resources or expertise to defend themselves against cyber attacks,” Burt said. “That is why we believe that technology providers have a responsibility to help.”

The cybersecurity service provides what Microsoft calls, “comprehensive threat detection,” by notifying users and their organization if their account is vulnerable or is being breached. AccountGuard also offers guidance and workshops that help workers keep their information safe from malicious URLs or phishing scams – the same kind of tactics Strontium used to compromise European political workers.

Elections become more digital each year, and more susceptible to hacking as a result. Citizens in Estonia can vote in local and national elections from their personal computers, which has increased election turnout according to the European Parliament.

Internet voting also is being piloted in many European countries to increase turnout and cut costs around elections, and will see a wide-scale rollout for EU member countries in 2024. Whether Microsoft will be involved in the process remains to be seen.

“We are committed to continue working with local, national and regional authorities as well as our industry peers to help protect democratic processes,” Burt said.