Russian hackers are targeting government systems ahead of the EU parliament election, according to cybersecurity company FireEye. The firm says that two state-sponsored hacking groups — APT28 (aka Fancy Bear) and Sandworm — have been sending out authentic-looking phishing emails to officials in a bid to get hold of government information.
Both groups have previously been linked to Russia. APT28 was allegedly behind the 2016 Democratic National Convention hack, while Sandworm is believed to be the malicious actor involved in last year’s NotPetya ransomware attacks on mainly Ukrainian facilities. FireEye says that latest efforts of both groups appears to be co-ordinated — although each have used different methods — and that their campaign is ongoing. The company did not confirm whether any sensitive data had been leaked.
In a statement, FireEye’s senior manager of cyberespionage analysis, Benjamin Read, said that, “The groups could be trying to gain access to the targeted networks in order to gather information that will allow Russia to make more informed political decisions, or it could be gearing up to leak data that would be damaging for a particular political party or candidate ahead of the European elections.”
Up to 300 million citizens across the EU are set to vote in European parliamentary elections this May, the outcome ultimately determining the future of peace in Europe. Hacking efforts by hostile parties could seriously undermine this. While FireEye says it’s notified the affected institutions and is advising them on future action, this isn’t the first attempt by Russia to sway the voting process — Microsoft made a similar announcement last month. Given the extremely tenuous political situation across the world right now, it’s unlikely to be the last, either.