Group That Monitors Ukraine Conflict Suffers Cyberattack

PHOTO: The exterior of the Kosovar headquarters of the OSCE in the city of Prizen, as seen on Dec. 14, 2006. Matthias Schrader/AP Photo
The exterior of the Kosovar headquarters of the OSCE in the city of Prizen, as seen on Dec. 14, 2006.

The organization charged with monitoring the Russian-fomented conflict in eastern Ukraine confirmed on Wednesday that it suffered a data breach “compromising the confidentiality” of its computer network.

The Organization for Security Cooperation in Europe said that the breach was discovered in early November and that an investigation identified “the way in which the attacker accessed” its network.

“Some of the external communication destinations,” have also been identified, the organization said. It did not provide further details, but added that it did “not know who is behind the attack.”

News of the breach comes as authorities in the United States continue to examine Russian cybermeddling in the U.S. election and political institutions.

While no perpetrator has been officially named in the OSCE attack, French newspaper Le Monde cites a “Western intelligence service” in reporting that Russian-linked hacking group Fancy Bear as the possible perpetrators. ABC News has not independently confirmed the perpetrator’s identity.

Cybersecurity firm CrowdStrike identified Fancy Bear as one of two hacking groups that perpetrated a massive data breach on the Democratic National Committee’s computer systems in attacks that were revealed in June of this year.

The firm said that “Fancy Bear’s profile closely mirrors the strategic interests of the Russian government” and may be connected with the GRU — Russia’s primary military intelligence service.

The ongoing conflict in Ukraine has its roots in large protests that took place in the country in late 2013 and early 2014. In March of that year, Russia annexed the country’s Crimean Peninsula after a widely discredited regional referendum showed support for Russian control.

The referendum results showed “that some 97 percent of the Crimean population supported” Russian annexation, but that outcome was a “seeming impossibility, given the ethnic and language distribution” of the region, according to a study published by the U.S. Army’s Special Operations Command. The Ukrainian government, the U.S., the European Union and the G-7 said that they would not recognize the referendum’s results.

PHOTO: Two Ukrainian soldiers chat in a watch house of Marinka, Donetsk region, Ukraine, Dec. 24, 2016.Chen Junfeng/Newscom
Two Ukrainian soldiers chat in a watch house of Marinka, Donetsk region, Ukraine, Dec. 24, 2016.

The OSCE has provided regular monitoring of the armed conflict between Russian-backed separatist groups and groups fighting to keep the region in Ukraine. The organization was born out of thawing relations between the Soviet Union and Western countries in the 1970s.

While a cease-fire known as Minsk II was negotiated in February of 2015, there have been reports of ongoing strife and killings in the region since then.

The Ukrainian conflict has not been limited to a ground war. In February, U.S. government cybersecurity experts said that hackers were behind a massive power outage in the country in December 2015, which affected almost a quarter of a million people. A government report at that time did not name a perpetrator.

However, cybersecurity firm FireEye said in a report that a hacking group called Sandworm used malware called BlackEnergy3 to perpetrate the attacks.

The firm said that “a list of Sandworm victims aligns with the interests of the Russian state,” and that “documents recovered from an open command and control server indicate that Russian speakers operate” the BlackEnergy3 hacking tool.

ABC News’ Patrick Reevell and Lee Ferran contributed to this report.

Comments