Denmark's defense minister, Claus Hjort Frederiksen, has accused Russian hackers of targeting their Defence Ministry's email accounts for the past two years, but very few times they succeeded.
According to the reports published by the Centre for Cyber Security (CFCS), a group of pro-Kremlin hackers tried to broke into the emails accounts of the country's defense ministry's employees in 2015 and 2016.
“What’s happening is very controlled. It’s not small hacker groups doing it for the fun of it,” Frederiksen told Danish news agency Ritzau.
“It’s connected to intelligence agencies or central elements in the Russian government, and holding them off is a constant struggle.”
The hacking group behind this attack said to be the same group which allegedly hacked American Democrat Party email accounts last year during the Presidential election campaign. The group is allegedly controlled and operated by the Russain government, and functions with different names as APT28, Pawn Storm, Sofacy and Fancy Bears.
Here is the timeline of the Hack attack done by the Russian hackers
According to the reports published by the Centre for Cyber Security (CFCS), a group of pro-Kremlin hackers tried to broke into the emails accounts of the country's defense ministry's employees in 2015 and 2016.
“What’s happening is very controlled. It’s not small hacker groups doing it for the fun of it,” Frederiksen told Danish news agency Ritzau.
“It’s connected to intelligence agencies or central elements in the Russian government, and holding them off is a constant struggle.”
The hacking group behind this attack said to be the same group which allegedly hacked American Democrat Party email accounts last year during the Presidential election campaign. The group is allegedly controlled and operated by the Russain government, and functions with different names as APT28, Pawn Storm, Sofacy and Fancy Bears.
Here is the timeline of the Hack attack done by the Russian hackers
- March-June 2015: A smaller number of phishing emails were sent to specific employees working in the Defence Ministry and Foreign Ministry
- April-June 2015: First attempt to steal login information using a fake login site for the Defence’s email system. Several hundred phishing emails were sent to specific employees working for the Defence Ministry again
- June-October 2015: A small number of phishing emails were sent to specific employees working for the Defence Ministry and Foreign Ministry
- September-October 2015: The second attempt to steal login information was attempted, again using a fake login site. Several hundred phishing emails were sent to specific employees working for the Defence Ministry during this time as well. During the same period, attempts to force entry to Defence email accounts were also discovered
- February-April 2016: Reconnaissance activity against the Defence’s emails and other public authorities’ email systems
- April 2016: Hackers try to force entry into several user accounts for remote access for servers for several Defence IT systems. Should one such server be compromised, the hacker can potentially gain access and control it.
- October 2016: The hacker’s third attempt at stealing login information using a fake login page is attempted and about 1,000 phishing emails were sent to specific employees working for the Defence Ministry again