Security services firm FireEye says two hacker groups known to be sponsored by the Russian government of Vladimir Putin are waging cyber-attacks currently against European government systems.
FireEye says these internet-based digital attacks are focused on the member states of NATO, the European security alliance that both Putin and Trump disparage.
The two hacking groups are believed to be coordinating their efforts, but they're using different tools, FireEye reports, adding it noticed a “significant increase” in activity from both groups in mid-2018.
The cyber-espionage campaign is said to be ongoing.
“The groups could be trying to gain access to the targeted networks in order to gather information that will allow Russia to make more informed political decisions, or it could be gearing up to leak data that would be damaging for a particular political party or candidate ahead of the European elections,” Benjamin Read, FireEye's senior manager of cyberespionage analysis said Thursday.
NBC News's Ryan Browne reports that the firm's findings “are likely to fuel worries over the possibility that Russia may influence upcoming EU elections.”
The company found that two state-sponsored hacking groups, APT28 and Sandworm, used spear phishing — the practice of sending out emails designed to look like they’re from a trusted party — in an attempt to obtain government information.
FireEye said European government institutions were sent emails with links to websites that appeared to be authentic, luring a person into changing their password and thus sharing their credentials with hackers.
APT28, more popularly known as Fancy Bear, is believed to be linked to Russian military intelligence agency GRU and has been labeled as one of the malicious actors behind the 2016 Democratic National Convention hack.
Sandworm, meanwhile, has also been tied to Russia, and is believed to have been behind the NotPetya ransomware attacks last year which targeted mainly Ukrainian institutions.
Earlier, related tweets:
Watch last night's full report here: https://t.co/2ef2MHOU2j
— Maddow Blog (@MaddowBlog) March 15, 2019
NEWS: Unsealed report finds evidence Russian-run tech firm's infrastructure was used in election hack, overlapping with claims in Steele dossier pic.twitter.com/zvywPigKoW
— Maddow Blog (@MaddowBlog) March 15, 2019
NEWLY UNSEALED: Russian agents used networks operated by ALEKSEJ GUBAREV in 2016 election hacking, per report released in defamation case vs @BuzzFeed for posting STEELE DOSSIER.
The report doesn't go as far as Steele, who had linked Gubarev to the hacking https://t.co/ynMKNI0qC4— Kenneth P. Vogel (@kenvogel) March 14, 2019
The newly unsealed report, which was commissioned by @BuzzFeed from a former @FBI cyber-expert, has lots of details on the Russian election hacking. @AllMattNYT, who has the report, breaks it down:https://t.co/ynMKNI0qC4
— Kenneth P. Vogel (@kenvogel) March 14, 2019