Russian Hackers Suspected of Attacking War Monitor

Written by

International war monitor the Organization for Security and Co-operation in Europe (OSCE) last week revealed it has been on the receiving end of a “major” cyber-attack.

The 57-member state body – which also monitors elections, and plays a role in arms control and cybersecurity – told AFP that it first became aware of a “major information security incident” back in early November.

The attack apparently “compromised the confidentiality" of its IT network and put its “integrity at risk”.

Although there’s no obvious official statement up on the OSCE site, spokeswoman Mersiha Causevic Podzic told the newswire that “the way in which the attacker accessed the OSCE was identified, as have some of the external communication destinations.”

There are rumors, emanating from a Western intelligence agency, that the notorious Russian hacking group APT28 is behind the attack.

There would certainly seem to be speculative evidence for this assumption, given that OSCE currently has 700 monitors overseeing the conflict with Russia in eastern Ukraine.

The conflict has been at the center of numerous cyber espionage campaigns tracked back to the Kremlin, most recently one aimed at tracking Ukrainian troop movements via the RAT Sofacy (X-Agent).

That particular campaign was also tied back to APT28 (aka Fancy Bear/Sofacy/Pawn Storm).

More infamously, the group has been linked to a hacking campaign against Democratic Party members which resulted in the publication of private emails designed to destabilize the Hillary Clinton presidential campaign and undermine the US democratic process.

Last week, President Obama decided to expel 35 suspected Russian spies and place sanctions on the GRU, which is thought to be linked to APT28, as well as another Russian intelligence service: the FSB.

However, France's ambassador to the OSCE, Veronique Roger-Lacan, tried to play down the seriousness of the attack.

“Diplomats at the OSCE are warned that attempted spying, in whatever form, are part and parcel of this organization,” she told AFP.

What’s hot on Infosecurity Magazine?