- Microsoft said that Russian nation-state actor Nobelium has been attacking cloud service resellers and other technology service providers.
- 140 resellers and technology service providers were targeted, with as many as 14 believed to have been compromised,
- The White House previously blamed the SolarWinds attack on Russia’s SVR foreign intelligence agency, which managed to use Nobelium to go undetected for most of 2020.
Microsoft says the Russia-backed hacking group behind last year’s massive SolarWinds cyberattacks on U.S. government agencies and other institutions continues to target the global technology supply chain. In a blog post dated October 24, the tech giant said that Russian nation-state actor Nobelium has been attacking cloud service resellers and other technology service providers in hopes to “piggyback” on their access to their downstream customers. Resellers are intermediaries between software and hardware makers and product users.
“This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government,” Microsoft said.
Since the attacks were first noticed in May, 140 resellers and technology service providers were targeted, with as many as 14 believed to have been compromised, Microsoft said. These attacks continued with a larger wave over the summer, impacting 609 customers with a success rate in the low single digits.
“Fortunately, we have discovered this campaign during its early stages, and we are sharing these developments to help cloud service resellers, technology providers, and their customers take timely steps to help ensure Nobelium is not more successful,” Microsoft said.
The New York Times quoted a senior administration official as saying the latest attacks were “unsophisticated, run-of-the-mill operations that could have been prevented if the cloud service providers had implemented baseline cybersecurity practices.”
Earlier this month Microsoft said in a report that Nobelium was responsible for a majority of all nation-state cyberattacks over the past year. Most of the attacks targeted governments, nongovernmental organizations, and think tanks in the United States, Ukraine, and Britain.
The White House previously blamed the SolarWinds attack on Russia’s SVR foreign intelligence agency, which managed to use Nobelium to go undetected for most of 2020 as the hackers compromised several federal agencies. The Russian government has denied any involvement.
More Top Reads From Oilprice.com:
RFE/RL journalists report the news in 21 countries where a free press is banned by the government or not fully established. We provide what many…
Click this link for the original source of this article.
Author: ThinkCivics Newswire
This content is courtesy of, and owned and copyrighted by, https://thinkcivics.com and its author. This content is made available by use of the public RSS feed offered by the host site and is used for educational purposes only. If you are the author or represent the host site and would like this content removed now and in the future, please contact USSANews.com using the email address in the Contact page found in the website menu.