Posts Tagged ‘hackers’

HBO’s Hack: ‘Hollywood Is Under Siege’

August 11, 2017

The recent breach at the network highlights vulnerabilities unique to the entertainment industry

Image may contain: 2 people, ocean and outdoor

Aug. 11, 2017 5:30 a.m. ET

At a time when HBO should be relishing the record ratings of its hit drama “Game of Thrones,” executives there are instead are grappling with a hacker shakedown that could be a plot point on the network’s “Silicon Valley.”

The breach of the network’s systems that was disclosed last month is developing into a prolonged crisis. Hanging over HBO now is the daily threat of leaks of sensitive information, ranging from show content to actors’ and executives’ personal information.

The hack at HBO comes almost three years after a high-profile one at Sony Corp. and highlights persistent vulnerabilities unique to the entertainment industry. The pressing issue isn’t safeguarding credit-card numbers and account details. Instead, executives are worried about potential damage to intellectual property if television-show spoilers are made available before episodes are officially aired.

“Hollywood is under siege,” said Jeremiah Grossman, chief of security strategy for cybersecurity company Sentinel One. “It seems easy to hack a network, and they perceive that they can make money doing so.”

Already, scripts of “Game of Thrones” episodes have been leaked by the hackers, whose leader calls himself “Mr. Smith.” Also made public were episodes of other shows, including comedies “Ballers” and “Insecure,” and a month’s worth of emails from an executive.

When the hackers came forward late last month, an HBO technology-department employee sent them a letter offering $250,000 to participate in the company’s “bug bounty” program, in which technology professionals are compensated for finding vulnerabilities, according to a person familiar with the matter.

HBO was buying time with that response and isn’t in negotiations with the hackers, the person said. The hacker has demanded a ransom of around $6 million.

The network has also been working with the Federal Bureau of Investigation and other law-enforcement agencies and cybersecurity firms to address the matter, people familiar with the matter say.

Meanwhile, the cable network is playing Whac-A-Mole. It managed to take down the website and digital locker the hacker initially used to distribute show material after sending takedown notices to internet-service providers, according to the person familiar with the matter. It alerted potentially exposed “Game of Thrones” cast members of the hack before Mr. Smith posted material that includes some of their phone numbers.

In a statement, HBO Chairman and Chief Executive Richard Plepler said, “The consensus here was a path to transparency. When something like this happens, the best you can do is try to protect the people you work with inside and outside the company. That’s what our focus has been.”

Unlike retailers, entertainment firms usually don’t shoulder the burden of protecting customer-account details, because that is handled by cable, satellite and web-TV distributors.

The urgent worry is that fewer viewers will watch episodes that can cost several million dollars each if hackers supply a stream of spoilers. That hasn’t happened yet. The last “Game of Thrones” episode, which aired on Aug. 6 attracted a record 10.2 million viewers.

The fear also relates to the chance of emails emerging that could hurt relations with talent or other companies. In the Sony hack, then-studio chief Amy Pascal was embarrassed by emails in which she made a joke about President Barack Obama’s taste in movies as well as disparaging remarks about actors, including Adam Sandler.

“Leakage will be your worst nightmare; your competitors will know about current & future strategies, your inner circle inside HBO & senior staff will be thrown into chaos,” the hackers promised in a video note to Mr. Plepler they posted earlier this week.

HBO has said it expects more information to leak out but said its review of the matter “has not given us a reason to believe that our email system as a whole has been compromised.”

After the Sony hack, many entertainment companies, including HBO’s parent Time Warner Inc., beefed up their own security.

Around the same time, though, in a cost-saving move, Time Warner centralized much of the technology operations that previously existed in the individual units, which also include Turner and Warner Bros.

Now that strategy is being rethought, and the individual units are being encouraged to take on more autonomy and responsibility for their own technology infrastructure, the person familiar with the matter said.

Prior to the HBO hack, sister unit Turner Broadcasting had already begun the process of overhauling some of its information technology after an assessment revealed that a hack into one network, such as Cartoon Network, could easily be a gateway into CNN.

The HBO hack also comes as Time Warner is in the process of being acquired by AT&T Inc. However, the hack isn’t expected to have any effect on the sale or the terms of the deal, according to media analyst Michael Nathanson of MoffettNathanson Research. An AT&T spokesman declined to comment.

Cybersecurity expert Mr. Grossman, who has tested security networks for Hollywood TV and movie companies, said these firms are vulnerable because they work with so many partners that “their data is all over the place.”

Write to Joe Flint at joe.flint@wsj.com and Tripp Mickle at Tripp.Mickle@wsj.com

https://www.wsj.com/articles/hbos-hack-hollywood-is-under-siege-1502443802

Related:

HBO hackers demand millions in ransom note

August 8, 2017

AFP

© AFP/File | Hackers claiming to have breached HBO are demanding a ransom, threatening to leak more content from the popular show “Game of Thrones” if the network refuses to pay

WASHINGTON (AFP) – Hackers claiming to have breached HBO were demanding millions of dollars in ransom payments from the television group, while threatening to release more files from what is claimed to be a massive data breach.A video circulating online directs a message to HBO chief Richard Plepler claiming that the group “obtained valuable information” in an attack that yielded a whopping 1.5 terabytes of data.

The message was authored by someone identified only as “Mr. Smith.”

The website Databreaches.net reported that 10 files were leaked Monday as part of the demand including what may be another script of the popular fantasy series “Game of Thrones.”

The video revealed a letter stating the hackers obtained “highly confidential” documents and data including scripts, contracts and personnel files.

“We want XXX dollars to stop leaking your data,” the letter said, later alluding to a figure of half the group’s annual budget of $12 million to $15 million.

It went on to say, “HBO spends 12 million for Market Research and 5 million for GOT7 advertisements. So consider us another budget for your advertisements!”

The message comes a week after a leak of one script of “Games of Thrones” and content from other productions.

The letter said HBO was the 17th target for the hacking group and that “only 3 of our past targets refused to pay and were punished very badly and 2 of them collapsed entirely.”

HBO said in a statement that it believed that further leaks might emerge from the breach and that “the forensic review is ongoing.”

“While it has been reported that a number of emails have been made public, the review to date has not given us a reason to believe that our email system as a whole has been compromised,” the statement from the Time Warner unit said.

“We continue to work around the clock with outside cybersecurity firms and law enforcement to resolve the incident.”

Israel Security Chief: Agency Strikes Back at Online Hackers — Offensive cyber counterattacks

June 27, 2017

JERUSALEM — Israel’s security chief says his agency, the Shin Bet, has gone on the offensive against hackers trying to carry out cyberattacks against Israel on the internet.

The remarks by Nadav Argaman are a rare admission of Israel’s use of offensive cyber capabilities.

Argaman spoke at a cyber defense conference in Tel Aviv on Tuesday.

He says that “passive defense” is not enough, and that the Shin Bet studied hackers’ strategies and developed “a variety of ways and methods” on how to strike back.

Israeli cyber officials are ordinarily reluctant to discuss the use of offensive capabilities against hackers.

Apple’s mounting problems in China: Apple Customer Data in China Was Sold Illegally, Police Say

June 10, 2017

To Apple’s mounting problems in China, add official scrutiny over privacy.

The Chinese police said this week that they had arrested 22 people suspected of selling the personal data of an unspecified number of Apple customers. The police, in Cangnan County in the eastern province of Zhejiang, said the thieves had reaped 50 million renminbi, or about $7.3 million, over an unspecified period.

Many of the details were unclear, including the identities of those involved and the severity of the breach.

In a statement on Wednesday, the Cangnan police said they found that Apple employees had illegally acquired personal data, then later in the same statement said 20 of the 22 people worked for companies that sell Apple products or are Apple contractors. The police did not disclose information about the other two people. In China, Apple’s products are sold broadly, in electronics chain stores and small booths in shopping malls in addition to the company’s official Apple Stores.

The Cangnan police also said the data included the names, Apple identification numbers and phone numbers of Apple users. They did not say whether passwords or financial information like credit card numbers were involved, which would suggest the thieves had access to internal Apple data and would make the breach more serious.

The arrests are part of a set of broader difficulties in China for Apple, which is based in Cupertino, Calif. Sales of iPhones, still a sign of middle-class aspiration in China, have slowed, according to analysts, as the public waits for new models and as Chinese manufacturers of cheaper phones step up their quality and marketing.

Apple has also faced new scrutiny from the government on other fronts. Last year its movie and book services were shut down in China.

Still, Apple may simply be caught up in a wider rising of concern over privacy in China.

Few people in China expect the country’s authoritarian central government to stay out of their business. But outside of that, a growing number of Chinese people fear cybercrime and identity theft, particularly as millions of them turn to online shopping and using money electronically.

Between widespread malware campaigns and a large number of new internet users, China has become a playground for internet fraudsters. Last year, China tried 361 criminal cases involving violation of personal data, up from 176 in 2015, said Xie Yongjiang, associate director for the Institute of Internet Governance and Law at the Beijing University of Posts and Telecommunications.

“It is very common. Every one of us can feel it,” Mr. Xie said. “For example, after your child is born at a hospital, someone will phone you and ask if you need baby products. When your child turns 3, someone will phone you and ask if your child would go to their nursery school. When your child reaches primary school age, someone will phone you to ask if you need training services.”

“You have no idea who exposed your personal data,” he added.

The problem is not new. In one incident reported in the Chinese news media just this week, an employee of a Shanghai delivery company was recently arrested on suspicion of selling clients’ personal data.

Other examples abound. An apparent trove of login information leaked onto the Chinese internet was used to hack more than 20 million accounts on Alibaba’s e-commerce site Taobao, according to news reports. Alibaba said that its security systems had not been breached and that it had worked with the police to quickly catch the perpetrators.

In another example, China News Service, a state-run news agency, reported late last year that login information and other personal data from accounts associated with the Chinese e-commerce site JD.com were exposed in 2013 as part of a security problem. JD.com said it had quickly fixed the issue.

The problem is not even new to Apple. Last year, 10 employees of an Apple contractor in China were also found with data from more than 80,000 users.

Related:

Chinese Apple staff suspected of selling private data

June 8, 2017

AFP

© AFP | Chinese authorities say they have uncovered a massive underground operation run by Apple employees selling computer and phone users’ personal data.

BEIJING (AFP) – 

Chinese authorities say they have uncovered a massive underground operation run by Apple employees selling computer and phone users’ personal data.

Twenty-two people have been detained on suspicion of infringing individuals’ privacy and illegally obtaining their digital personal information, according to a statement Wednesday from local police in southern Zhejiang province.

Of the 22 suspects, 20 were Apple employees who allegedly used the company’s internal computer system to gather users’ names, phone numbers, Apple IDs, and other data, which they sold as part of a scam worth more than 50 million yuan ($7.36 million).

The statement did not specify whether the data belonged to Chinese or foreign Apple customers.

Following months of investigation, the statement said, police across more than four provinces — Guangdong, Jiangsu, Zhejiang, and Fujian — apprehended the suspects over the weekend, seizing their “criminal tools” and dismantling their online network.

The suspects, who worked in direct marketing and outsourcing for Apple in China, allegedly charged between 10 yuan ($1.50) and 180 yuan ($26.50) for pieces of the illegally extracted data.

The sale of personal information is common in China, which implemented on June 1 a controversial new cybersecurity law aimed at protecting the country’s networks and private user information.

In December, an investigation by the Southern Metropolis Daily newspaper exposed a black market for private data gathered from police and government databases.

Reporters successfully obtained a trove of material on one colleague — including flight history, hotel checkouts and property holdings — in exchange for a payment of 700 yuan ($100).

Related:

China’s New Cybersecurity Law Tested by iPhone Information Theft

June 7, 2017

Foreign technology companies said they were uncertain how the new law would affect their operations

Image result for apple store in China, photos

The Wall Street Journal
June 7, 2017 9:38 a.m. ET

BEIJING—A week after China’s first cybersecurity law took effect, an investigation over the alleged theft and sale of iPhone users’ information looked set to test how well Apple Inc. and other foreign companies protect Chinese citizens’ personal data.

Police in eastern China said they had detained 22 people, including 20 from Apple “direct sales outlets” in China and companies Apple outsources services to. Police said those detained had used Apple’s internal system to illegally obtain information associated with iPhone products like phone numbers, names and Apple IDs, and then sold the information.

A statement by police in Cangnan county in Zhejiang province gave no further information on the Apple outlets involved, or details on the two other people detained. Calls to the police’s news department went unanswered.

The statement said the 22, who were detained May 3, charged from 10 yuan ($1.50) to 180 yuan for each piece of information and that the total amount of money involved was over 50 million yuan.

An Apple spokeswoman in China didn’t respond to a request for comment.

China has long struggled to rein in a robust black market in personal information, prompting one political activist last year to purchase and publish in a form of protest the private data of several Chinese tech CEOs, including Alibaba Group Holding Ltd. co-founder Jack Ma. The activist showed evidence of one vendor offering to sell personal information ostensibly belonging to Chinese President Xi Jinping for 1,000 yuan.

A core aim of the cybersecurity law is to better protect individuals’ private data, authorities have said.

iPhone users’ information is highly prized on the black market because of the belief they are more affluent. Obtaining data such as a user’s Apple ID could help hackers lock iPhones remotely and then demand payment from the user to unlock it. The potential for abuse widens further if hackers gain access to a user’s cloud storage.

Ahead of the June 1 implementation of the cybersecurity law, foreign technology companies expressed concern, saying they were uncertain how it would affect their operations. Specific measures to comply with the law’s mandates on protection of personal information are still being worked out, according to the regulator, China’s Cyberspace Administration.

Under earlier laws, companies have largely escaped punishment when employees used their access to internal computer systems to steal users’ personal data, according to Liu Chunquan, an intellectual property lawyer with Shanghai-based Duan & Duan Law Firm.

That has changed under the cybersecurity law, Mr. Liu said, with companies now potentially facing fines and other punishment by regulators unless they can prove their systems weren’t to blame for leaks.

“Now with this law, Apple as a company faces much greater legal risk than it would have before,” he said.

A company could face fines of as much as 10 times the illegal revenue from a theft if it is found to have had inadequate protections against a leak, according to the law. In serious situations, regulators can temporarily close or revoke the business licenses of companies found in violation of the new law.

Based on information police have released so far, government authorities could now have grounds to look into potential holes in Apple’s internal data management in China, said You Yunting, a partner with Shanghai-based DeBund Law Offices.

Cangnan police posted a series of photos of officers detaining and interrogating the detainees on the popular WeChat messaging app. In one image, several people are shown standing in front of a police station in handcuffs. They are accompanied by what appears to be plainclothes police, including one holding a bouquet of flowers.

Yang Jie and Josh Chin contributed to this article

(END) Dow Jones Newswires

June 07, 2017 09:53 ET (13:53 GMT)

https://www.wsj.com/articles/chinas-new-cybersecurity-law-tested-by-iphone-information-theft-1496842716

Macron, Putin Hold Talks Amid Strained U.S.-European Ties

May 29, 2017

.

The talks at Versailles are the French president’s first with the Russian leader since winning election earlier this month

Alongside French President Emmanuel Macron, Russian President Vladimir Putin waves upon his arrival at the Versailles Palace on Monday.

Alongside French President Emmanuel Macron, Russian President Vladimir Putin waves upon his arrival at the Versailles Palace on Monday. PHOTO: STEPHANE DE SAKUTIN/AGENCE FRANCE-PRESSE/GETTY IMAGES
.

VERSAILLES, France—French President Emmanuel Macron and his counterpart Vladimir Putin of Russia strained Monday to turn the page on allegations of Russian interference in France’s elections well as their differences over Syria, with the French leader describing the alleged use of chemical weapons by the Assad regime as a “red line.”

The newly elected French leader was hosting Mr. Putin at the Palace of Versailles to mark 300 years of Franco-Russian diplomacy that began under Russian Czar Peter the Great.

Heightened tensions with Moscow loomed over the meeting as Mr. Macron and other European leaders have begun to weigh a geopolitical landscape defined by increasingly fragile trans-Atlantic relations. Last week U.S. President Donald Trump didn’t reaffirm the principle of mutual defense at the heart of the North Atlantic Treaty Organization, to which the U.S. and 27 other nations belong. That prompted German Chancellor Angela Merkel to say this weekend it was time to “really take our fate into our own hands.’’

“It was an extremely frank, direct conversation,” Mr. Macron said in a joint news conference with Mr. Putin after their talks.

Any fissures in the NATO alliance provide Mr. Putin with an opening to drive a lasting wedge between the U.S. and its allies on a range of foreign policy fronts. Europe has often strained to show unity on defense and foreign policy, a struggle that risks being exacerbated without full-throated security assurances from the U.S. and with the looming departure of the U.K. from the European Union.

On Monday, Mr. Macron stood firm on the European Union’s sanctions on Russia over its annexation of Crimea as well as France’s opposition to Syrian President Bashar al-Assad whom the West has accused of carrying out chemical attacks against his own people.

“There is a very clear red line on our side,” Mr. Macron said. “The use of chemical weapons by anyone—so any use of chemical weapons—will meet with retaliation and an immediate response.”

Mr. Macron also said reopening France’s embassy in Damascus was “not my priority.”

Mr. Putin said attacks on the Assad regime would only strengthen militant groups like Islamic State.

“It is impossible to combat the terrorist threat by destroying the statehood of countries that already suffer from internal problems,” Mr. Putin said.

The Macron-Putin meeting was also closely watched for signs of personal animus between the two leaders. Mr. Putin irked Mr. Macron’s presidential campaign by hosting his rival, National Front leader Marine Le Pen, during a visit to Russia.

“If Ms. Le pen asked to meet, why should we turn her down?” Mr. Putin said as Mr. Macron looked on.

The Russian leader also dismissed allegations the Macron campaign made that Kremlin-backed hackers and media outlets interfered in France’s presidential election. Mr. Macron’s party En Marche said in February its website was targeted by thousands of hacking attempts and that Kremlin controlled outlets spread defamatory rumors about the candidate in an attempt to destabilize the campaign. In the final hours of official campaigning, Mr. Macron’s party said it was hacked when thousands of emails and documents purportedly from the campaign were leaked on the internet.

“They say Russian hackers may have interfered,” Mr. Putin said, referring to the Macron campaign. “Dear colleagues, how can you comment on such things?”

The remarks belied initial attempts by both leaders to play down the alleged interference. Mr. Macron he did not discuss the issue with Mr. Putin behind closed doors because he wanted to be “pragmatic.”

That resolve wavered when a Russian journalist asked Mr. Macron why his campaign banned Russia Today and Sputnik from its headquarters.

“Russia Today and Sputnik did not behave like press organizations or journalists, they behaved like organization of influence, of propaganda, and false propaganda,” he said.

Write to Stacy Meichtry at stacy.meichtry@wsj.com and William Horobin at William.Horobin@wsj.com

https://www.wsj.com/articles/macron-putin-hold-talks-amid-strained-u-s-european-ties-1496062884?mod=e2tw&tesla=y

Related:

.

Antivirus firm warns of cyberattacks on home appliances

May 18, 2017

AFP

© AFP/File | Internet security became a hot topic when a ransomware attack hit more than 300,000 computers worldwide, affecting the likes of Britain’s National Health Service, US package delivery giant FedEx and Germany’s Deutsche Bahn rail network

PRAGUE (AFP) – 

Avast, the company behind the leading antivirus software, warned Thursday against attacks on home appliances connected to the internet, calling hackers targeting home routers a major threat to consumers.

“It’s a trivial thing to do and there’s nothing the user can do to fix it, other than to throw the router away and put in a new router,” Avast chief executive Vincent Steckler told reporters.

Avast chief technology officer Ondrej Vlcek said that more and more people were using internet-enabled appliances which he described as “a total nightmare when it comes to security”.

Vulnerable appliances include TV sets, audio systems, coffee machines and toys, according to the Prague-based company, which every month registers 444 million users and prevents 3.5 billion malware attacks and 500 million visits to harmful websites.

In February, London police arrested a Briton suspected of staging a cyberattack on household routers run by Deutsche Telekom in November 2016, which knocked an estimated million German households offline.

Steckler said his company had hacked into a router at a recent show in the United States to demonstrate the harm such attacks can do.

Avast changed the router’s firmware, took control of a TV set and made it play a Barack Obama speech over and over.

“Even if you turn off the TV, the router turns the TV back on and the user can’t see anything other than the Obama speech,” Steckler said, adding that the hacker could then hold the TV for ransom.

“I know most people, especially Americans, care much more about their TV than they do about their data. They’d probably be much more willing to pay ransom for it,” he said, chuckling.

Internet security became a hot topic last Friday when a ransomware attack hit more than 300,000 computers worldwide, affecting the likes of Britain’s National Health Service, US package delivery giant FedEx and Germany’s Deutsche Bahn rail network.

Suspected Russia hackers ‘targeted Macron campaign’

April 25, 2017

Researchers say the hacker group Pawn Storm tried to interfere in the campaign of French presidential front-runner Emmanuel Macron. US spy agencies suspect the group of having links to Russia’s intelligence apparatus.

Symbolbild Cyberangriff (picture-alliance/dpa/MAXPPP/A. Marchi)

French presidential candidate Emmanuel Macron’s political campaign was targeted by a hacker group with suspected Russian connections, a report by a cybersecurity research group said on Tuesday, bolstering previous suggestions that the Kremlin has been trying to interfere in the French elections.

Researchers with the Japan-based anti-virus firm Trend Micro said the Pawn Storm group, which is alleged to have carried out a number of high-profile hacking attacks in the West, used so-called “phishing” techniques in an attempt to steal personal data from Macron and his campaign staffers.

“Phishing” employs lookalike websites designed to fool victims into entering sensitive information such as usernames, passwords and credit card details. Trend Micro said it had recently detected four Macron-themed fake domains being created on digital infrastructure used by Pawn Storm, which is also known as Fancy Bear or APT28.

Trend Micro researcher Feike Hacquebord said that determining who was behind a spying campaign was a difficult challenge in the world of cybersecurity, but that he was almost certain.

“This is not a 100 percent confirmation, but it’s very, very likely,” he said.

Read more: France warns Russia

The Kremlin at work?

Trend Micro did not name any country as being behind Pawn Storm’s activities, but the group is widely suspected of having links to Russia’s security services.

The Kremlin is seen as a keen backer of Macron’s rival in the presidential race, Marine Le Pen, who espouses policies considered as likely to be favored by Moscow, such as France’s exit from the European Union. Macron has always staunchly advocated strengthening, rather than weakening, the bloc.

Russia has repeatedly denied accusations of trying to interfere in the French – or other – elections. On Monday, Kremlin spokesman Dmitry Peskov was quoted as saying that claims of the Kremlin’s attempting to influence the election outcome in France were “completely incorrect.”

Pawn Storm is also thought to be behind cyberattacks last summer on the US Democratic National Committee that were suspected to be aimed at undermining Hillary Clinton’s bid for the White House. Other suspected targets in recent months include media groups such as “The New York Times” and Al-Jazeera.
Read more: ‘Election cyberattacks threat in Germany’

Präsidentschaftswahl in Frankreich Emmanuel Macron (Getty Images/V. Isore/IP3)Macron is widely seen as likely to win the second round of elections on May 7

Attempted intrusions

The head of Macron’s digital campaign, Mounir Mahjoubi, confirmed to The Associated Press that there had been attempted intrusions, but said they had all been foiled.

Mahjoubi also confirmed that at least one of the fake sites identified by Trend Micro had been recently used as part of an attempt to steal sensitive information from campaign staffers.

An internal campaign report lists thousands of attempted cyberattacks since Macron launched his campaign last year. In February, the campaign’s secretary-general, Richard Ferrand, said the scale and nature of the intrusions indicated that they were the work of a structured group and not individual hackers.

Macron, who won the first round of France’s presidential election on Sunday, will face Le Pen in a runoff on May 7.

The French elections were carefully monitored for digital interference following suspicions that hackers backed by Moscow had attempted to influence the US electoral contest in 2016.

http://www.dw.com/en/suspected-russia-hackers-targeted-macron-campaign/a-38580848

Related:

Germany’s Federal Office for Information Security: Cyber Spies Target Germany Ahead of Election, Party Think Tanks Say

April 25, 2017

FRANKFURT — Two foundations tied to Germany’s ruling coalition parties were attacked by the same cyber spy group that targeted the campaign of French presidential favourite Emmanuel Macron, a leading cyber security expert said on Tuesday.

The group, dubbed “Pawn Storm” by security firm Trend Micro, used email phishing tricks and attempted to install malware at think tanks tied to Chancellor Angela Merkel’s Christian Democratic Union (CDU) party and coalition partner, the Social Democratic Party (SPD), Feike Hacquebord said.

Hacquebord and other experts said the attacks, which took place in March and April, suggest Pawn Storm is seeking to influence the national elections in the two European Union powerhouses.

“I am not sure whether those foundations are the actual target. It could be that they used it as a stepping stone to target, for example, the CDU or the SPD,” Hacquebord said.

The mysterious cyber spying group, also known as Fancy Bear and APT 28, was behind data breaches of U.S. Presidential candidate Hillary Clinton and Merkel’s party last year, Hacquebord said.

Other security experts and former U.S. government officials link it to the Russian military intelligence directorate GRU. Hacquebord and Trend Micro have stopped short of making that connection.

No automatic alt text available.

Russia has denied any involvement in the cyber attacks.

Since 2014, Merkel has pushed the European Union to maintain sanctions on Russia over its actions in eastern Ukraine and Crimea. Her coalition partners, the Social Democrats, back a more conciliatory stance towards Moscow.

“What we are seeing is kind of a replication of what happened in the United States,” David Grout, a Paris-based technical director of U.S. cyber security firm FireEye, said of technical attacks and efforts to spread fake news in Europe.

No automatic alt text available.

Hacquebord said on Monday he had found new evidence that Macron’s campaign was targeted by Pawn Storm. (https://goo.gl/8Ja2Bq)

German officials have told Reuters that politicians fear sensitive emails stolen from senior lawmakers by Russian hackers in 2015 could be released before the election to damage Merkel, who is seeking a fourth term, and her conservative party.

Trend Micro uncovered efforts to break into the accounts of CDU politicians in April and May, 2016. The BSI, Germany’s federal cyber security agency confirmed these attempts but said they were unsuccessful. New attacks in 2017 suggest renewed efforts to gain comprising data is underway, Hacquebord said.

Pawn Storm set up a fake computer server located based in Germany at kasapp.de to mount email phishing attacks against the CDU party’s Konrad Adenauer Foundation (KAS) and a server located in the Ukraine at intern-fes.de to target the SPD’s Friedrich Ebert Foundation (FES).

A KAS spokesman said BSI warned KAS in early March of “peculiarities” but that a subsequent network scan by the government cyber security agency found “nothing suspicious”.

The BSI declined to comment, as did the Friedrich Ebert Foundation.

Kremlin spokesman Dmitry Peskov dismissed allegations of Russian involvement.

“We would be pleased if this investigative group sent us the information, and then we could check it,” Peskov told reporters on Tuesday. “Because for now it does not go beyond the boundaries of some anonymous people.”

Trend Micro published a 41-page report charting Pawn Storm attacks over the past two years, building on a dozen previous technical reports (https://goo.gl/WvjuLv). A timeline can be downloaded here (https://goo.gl/npY0OJ).

(Additional reporting by Peter Maushagen in Frankfurt, Andreas Rinke and Andrea Shalal in Berlin and Maria Tsvetkova in Moscow; Editing by Richard Lough)

*********************************************

“We are noticing attacks against government networks on a daily basis,” Arne Schoenbohm, president of Germany’s Federal Office for Information Security (BSI), told the newspaper Welt am Sonntag.

BSI is in close contact with election officials, political parties and German federal states to discuss how to guard against cyber attacks and stands ready to react to potential attacks ahead of the elections, Mr Schoenbohm said.

http://www.telegraph.co.uk/news/2017/03/19/german-cybersecurity-watchdog-raises-attack-alert-level/