The Organization for Security Cooperation in Europe, a group tasked with monitoring the pro-Russian uprising in eastern Ukraine, admitted Wednesday to being the victim of a recent “major security incident.”
“There was an attack. We found out about it at the beginning of November,” an OSCE spokeswoman told Reuters, confirming reports of a cyberattack that appeared earlier Wednesday in the French newspaper Le Monde.
The attack “compromis[ed] the confidentiality” of the OSCE’s computer network and put “its integrity at risk,” but failed to fully sideline the organization’s ability to operate, spokesperson Mersiha Causevic Podzic told Agence France-Presse.
“The systems are safe now. We were given entirely new security systems and passwords,” she added.
The OSCE said it was personally incapable of identifying any potential suspects. According to Le Monde, however, an unnamed Western intelligence source anonymously claimed that the attack was waged by a hacking group linked to several high-profile earlier attacks attributed to the Russian government.
The OSCE spokeswoman acknowledged the agency was aware of “speculation” concerning the potential culprit: a purported unit of the Russia’s main military intelligence service referred to various names including APT28, Pawn Storm and Fancy Bear.
Security researchers have previously blamed that same group with launching cyberattacks against the Democratic National Committee and the chairman of Hillary Clinton’s failed 2016 White House run, John Podesta, prior to last month’s presidential race.
In addition to purely American targets, however, researchers as recently as last week linked that same hacking group to a newly uncovered campaign launched against the Ukrainian military. CrowdStrike, a U.S. security firm hired to investigate the DNC breach, said last week that Pawn Storm exploited a vulnerability affecting Android smartphones in a bid to infiltrate the mobile devices of Ukrainian soldiers.
The OSCE currently has about 700 monitors deployed across eastern Ukraine in a effort to watch over the ongoing skirmish that erupted there after the country’s pro-Russian former President Viktor Yanukovych was driven from office in February 2014
All 57 of the organization’s member states, including the U.S., Russia and Ukraine, were reportedly made aware of last month’s security breach.
The Russian government has previously denied being responsible for cyberattacks attributed to the group known as Pawn Storm. Nonetheless, U.S. officials told CNN Wednesday that the Obama administration plans to announced a series of retaliatory measures including expanded sanctions against Moscow as early as Thursday.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.