SolarWinds hackers targeting more tech companies, Microsoft says




  • In Politics
  • 2021-10-25 11:30:16Z
  • By Axios
 

Microsoft said Monday that the Russian-backed hackers behind the sprawling SolarWinds breach have targeted at least 140 companies "integral to the global IT supply chain" in a new effort to gain access to their customers' networks.

Why it matters: Despite warnings of retaliation from President Biden, Nobelium, which has been identified by the U.S. government as being part of Russia's foreign intelligence service, has continued major cyber espionage campaigns even after the attention it garnered from the SolarWinds hack.

Stay on top of the latest market trends and economic insights with Axios Markets. Subscribe for free

  • Microsoft warned in May that the group was also attempting to breach computer networks belonging to government agencies, think tanks, consultants and NGOs in order to steal data.

  • The Solarwind breach was uncovered in December 2020 but likely existed for months before its discovery.

What they're saying: The targets of this campaign are primarily resellers and other technology service providers that customize, deploy and manage cloud services and other technologies on behalf of their customers, Microsoft said.

  • "Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain," the company said.

  • "We believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers' IT systems and more easily impersonate an organization's trusted technology partner to gain access to their downstream customers," it added.

  • Microsoft said it has observed these types of attacks from the group since May 2021.

By the numbers: At least 14 of these resellers and service providers have been compromised by Nobelium.

  • Between July and mid-October, Microsoft said it had informed 609 customers that they had been attacked 22,868 times by Nobelium.

  • The group's success rate is currently in the "low single digits," Microsoft said.

The big picture: The Biden administration has devised collection strategies to get ahead of cybercriminals, including offering financial rewards for information that helps identify and locate people engaged in foreign state-sanctioned malicious cyber activities.

  • The administration has also called on major tech companies to work with the federal government to address the growing wave of cyberattacks, and they have responded with new cybersecurity projects and spending plans, Axios' Scott Rosenberg reports.

Go deeper: Google creates cybersecurity team to help respond to attacks

COMMENTS

More Related News

Biden Signs Bill to Avert Shutdown - but More Showdowns Lay Ahead
Biden Signs Bill to Avert Shutdown - but More Showdowns Lay Ahead

President Biden on Friday signed a stopgap bill to fund the government through February 18, averting a government shutdown and pushing congressional budget...

Economy adds just 210,000 jobs in November even as COVID cases fall, schools reopen; unemployment drops to 4.2%
Economy adds just 210,000 jobs in November even as COVID cases fall, schools reopen; unemployment drops to 4.2%

The economy added 210,000 jobs in November as COVID cases fell and more schools reopened for in-person learning. Unemployment rate fell to 4.2%.

Biden must act on
Biden must act on 'grave threat' as Maduro's Venezuela aligns with Iran and Hezbollah | Opinion
  • World
  • 2021-12-03 16:58:09Z

US faces 'grave threat' as Maduro lets Iran-backed Hezbollah operate in Venezuela

Biden says team working on
Biden says team working on 'initiatives' to prevent Russian invasion of Ukraine
  • World
  • 2021-12-03 16:52:52Z

President Biden said Friday that his national security team is putting together a "set of initiatives" to make it "very, very difficult" for Russian...

Putin to demand legal guarantee against NATO expansion in call with Biden
Putin to demand legal guarantee against NATO expansion in call with Biden
  • World
  • 2021-12-03 16:36:19Z

Russian President Vladimir Putin is demanding a legally binding guarantee that NATO will not expand east - including to Ukraine - and plans to raise the...

Leave a Comment

Your email address will not be published. Required fields are marked with *

Cancel reply

Comments

Top News: Politics