Soon millions of Europeans will head to the polls to cast their ballots in the European Parliament elections, as well as several key national elections. We believe it’s critical that organizations underpinning the democratic process have access to state-of-the-art cybersecurity protection as we’ve seen and continue to see efforts by nation-states and others to influence elections in democracies around the world including in Europe. Today we’re announcing the expansion of Microsoft AccountGuard to twelve new markets across Europe, providing comprehensive threat detection and notification to eligible organizations at no additional cost and customized help to secure their systems.
Continued cyberattacks against European organizations
We all saw hacking and disinformation attacks on the French presidential election in 2017, and European leaders have recently warned that attacks will continue across Europe in 2019. At Microsoft, we’ve seen recent activity targeting democratic institutions in Europe as part of the work our Threat Intelligence Center (MSTIC) and Digital Crimes Unit (DCU) carry out every day to protect all of our customers.
These attacks are not limited to campaigns themselves but often extend to think tanks and non-profit organizations working on topics related to democracy, electoral integrity, and public policy and that are often in contact with government officials. For example, Microsoft has recently detected attacks targeting employees of the German Council on Foreign Relations, The Aspen Institutes in Europe and The German Marshall Fund.
The attacks against these organizations, which we’re disclosing with their permission, targeted 104 accounts belonging to organization employees located in Belgium, France, Germany, Poland, Romania, and Serbia. MSTIC continues to investigate the sources of these attacks, but we are confident that many of them originated from a group we call Strontium. The attacks occurred between September and December 2018. We quickly notified each of these organizations when we discovered they were targeted so they could take steps to secure their systems, and we took a variety of technical measures to protect customers from these attacks.
Consistent with campaigns against similar U.S.-based institutions, attackers in most cases create malicious URLs and spoofed email addresses that look legitimate. These spearphishing campaigns aim to gain access to employee credentials and deliver malware.
The attacks we’ve seen recently, coupled with others we discussed last year, suggest an ongoing effort to target democratic organizations. They validate the warnings from European leaders about the threat level we should expect to see in Europe this year.
Expanding Microsoft AccountGuard offering
We’re making Microsoft AccountGuard available starting today in twelve more European markets: France, Germany, Sweden, Denmark, Netherlands, Finland, Estonia, Latvia, Lithuania, Portugal, Slovakia, and Spain. The service is already available in the U.S., Canada, Ireland, and the UK – bringing the total number of European countries with access to the service to fourteen. The markets for which we’re announcing AccountGuard today represent places where we’ve been able to expedite the work needed to offer AccountGuard quickly, and we plan to expand AccountGuard to additional markets in Europe in coming months.
Microsoft AccountGuard, which is part of our Defending Democracy Program, is a state-of-the-art cybersecurity service available at no extra cost to all political candidates, parties, and campaign offices operating at a local or national level. It is also available to think tanks, non-profits, and nongovernmental organizations working on issues related to democracy and electoral integrity. Microsoft AccountGuard is offered free-of-charge to organizations using Office 365.
The service provides notification of cyber threats, including attacks by known nation-state actors, across both email systems run by organizations and the personal accounts of these organizations’ leaders and staff. Eligible organizations can invite selected staff and other associates to enroll, and notification will only occur with the consent of the account owner. Organizations can get protection for external individuals helping with a campaign, board members of non-profit organizations, or volunteers. When we detect threats, we will work directly with participating organizations to notify them and help them secure their systems.
AccountGuard also provides covered organizations guidance to help make their networks and email systems more secure. This can include applying multi-factor authentication, installing the latest security updates, and guidance for setting up systems that ensure only those people who need data and documents can access them. AccountGuard also provides briefings and training to address evolving cyberattack trends as well as preview releases of new security features on a par with the services offered to our large corporate and government account customers.
To register for the service or to learn more, click here. You can find more information about Microsoft AccountGuard in my previous blog post. While AccountGuard is currently available for the campaign accounts of elected officials, we hope in the near future to offer it for government-run accounts, like official accounts of the European Parliament.
Protecting the birthplace of democracy
Europe is regarded as the ‘birthplace of democracy’. It was here that the principles of representative democracy were laid down – principles that have since been replicated across the globe. However, as the ongoing attacks demonstrate, this idea is increasingly under threat.
We believe the work of organizations like The German Marshall Fund and its Alliance for Securing Democracy are an essential part of efforts to secure democracies against those who seek to undermine it. Many organizations essential to democracy do not have the resources or expertise to defend themselves against cyberattacks. That is why we believe that technology providers have a responsibility to help. Microsoft AccountGuard offers additional security measures tailored to how these organizations operate. However, we recognize that we cannot solve this problem alone. That is why we are committed to continue working with local, national, and regional authorities as well as our industry peers to help protect democratic processes.