Targeting of Internet of Things (IoT) devices used by Microsoft customers
Date of report
  • August 2019
  • Believed to be the work of Strontium, also known as APT 28 and Fancy Bear.
The threat actor exploited office devices’ weak, outdated security to access the networks of several Microsoft customers and infiltrate accounts with more privileges.
Suspected state sponsor
  • Russian Federation
Target category
  • Private sector