Russia's military intelligence agency has been busted for persistently attempting to hack into the Center for Strategic and International Studies, a prominent think tank populated by former U.S. government officials, according to a new batch of court filings.
The GRU hackers -- known as Fancy Bear, APT28 and Strontium -- used a variety of methods to penetrate the CSIS network since the 2016 election, according to court documents filed Wednesday by Microsoft, reported The Daily Beast.
Microsoft lawyers won an injunction last year allowing the tech company's security team to legally take over domain names registered by Fancy Bear hackers if the web address intrudes on a Microsoft trademark.
The company used that authority in August to stop attacks against two conservative think tanks, the Hudson Institute and the International Republican Institute.
Microsoft's attorneys notified a court Wednesday that Fancy Bear was behind spoof sites set up last month to mimic systems at the CSIS, which has been closely monitoring Russia's efforts to interfere with politics in other countries.
“CSIS is under consistent cyber-attack from a variety of state actors,” said Andrew Schwartz, the non-profit think tank's chief communications officer. “We spotted this incident immediately and were able to work with Microsoft to put a stop to it.”
Microsoft seized four domains Dec. 20 related to those efforts, and another registered by Fancy Bear the previous month likely intended to infiltrate Radio Free Europe/Radio Liberty, a U.S. government-funded media organization aimed at Eastern Europe.
The Kremlin successfully infiltrated CSIS at least once in 2016, but Microsoft's court filing shows a persistent effort to break in again.