Attacks occurred between September and December 2018. Most originated from Strontium group, which the tech giant previously associated with the Russian government.
Microsoft Corp on Wednesday said it had discovered hacking targeting democratic institutions, think tanks and non-profit organisations in Europe and plans to offer a cybersecurity service to several countries to close security gaps.
The attacks occurred between September and December 2018, targeting employees of the German Council on Foreign Relations and European offices of The Aspen Institute and The German Marshall Fund, the company said.
Microsoft said the activity, which was found through the company's Threat Intelligence Center and Digital Crimes Unit, targeted 104 employee accounts in Belgium, France, Germany, Poland, Romania, and Serbia.
Microsoft said many of the attacks originated from a group called Strontium, which the company has previously associated with the Russian government.
Strontium, one of the world's oldest cyber espionage groups, has also been called APT 28, Fancy Bear, Sofancy and Pawn Storm by a range of security firms and government officials.
Security firm CrowdStrike has said the group may be associated with the Russian military intelligence agency GRU.
Microsoft said it will expand its cybersecurity service AccountGuard to 12 new markets in Europe including Germany, France and Spain to help customers secure their accounts.
The AccountGuard service will also be available in Sweden, Denmark, Netherlands, Finland, Estonia, Latvia, Lithuania, Portugal and Slovakia.
Ahead of a critical European Parliament election in May, German officials are trying to bolster cybersecurity after a far-reaching data breach by a 20-year-old student laid bare the vulnerability of Europe's largest economy.