As the Russia-Ukraine war continues to escalate for over a month, tech giant Microsoft Corp on Thursday said that it disrupted hacking attempts by Russian military spies that were targeting websites in Ukraine, European Union, and the US. In a statement, the US-based first said that a group called ‘Strontium’ was using at least seven internet domains in a bid to spy on government bodies and even think tanks in the EU, US. The hacker group also targeted Ukrainian institutions and media organisations.

However, Microsoft did not name any targets of the attempted breach. It is to note here that ‘Strontium’ is Microsoft’s name for a hacker group which others often refer to as ‘Fancy Bear’ or ‘APT28’, it is a hacking squad linked to Russian military intelligence. In a blog post published late Thursday, Microsoft said that the hacking group linked to Russia’s intelligence group tried to breach the security of several government organisations to support Moscow in the war with Kyiv.

The group which Microsoft called ‘Strontium’, is best known in the United States for hacking the Democratic National Committee in the 2016 election. Microsoft elaborated that the group was trying to hack the targets to “provide tactical support for the physical invasion and exfiltrate sensitive information.”

“We believe Strontium was attempting to establish long-term access to the systems of its targets, provide tactical support for the physical invasion and exfiltrate sensitive information,” said the tech firm.

“We have notified Ukraine’s government about the activity we detected and the action we’ve taken. We have since re-directed these domains to a sinkhole controlled by Microsoft, enabling us to mitigate Strontium’s current use of these domains and enable victim notifications,” it added.

Microsoft Corp obtained court order to disrupt hacking

To disrupt the cyber activities carried out by ‘Strontium’, the tech firm on Wednesday obtained a court order which authorised Microsoft Corp to “take control of seven internet domains Strontium was using to conduct these attacks”. It is also pertinent to note that the latest disruption by Microsoft was also the second time when a significant American corporation or government agency disclosed that it obtained a court order to target the hackers linked to Russia’s military intelligence, GRU.

