WASHINGTON: The Russian hacking group supported by the country by Solarwinds Cyberatts last year was behind a new and sustainable attack on US and European targets, Microsoft said Monday.
The threat of the threat of the threat of the Intotiger Center (MSTIC) said in blog posts that Nobelium Group tried to get access to cloud computing services and other IT service providers to infiltrate the “government, and other companies they serve”.
Explain Cyberattack as a “activity of the nation”, MSTIC said it was “sharing a distinctive characterization” of attacks on Solarwinds, a Texas-based software company targeted as a 300,000 customer base that gave hackers to a large number of companies.
Washington imposed sanctions in April and expelled Russian diplomats in retaliation for the alleged involvement of Moscow in Solarwinds attacks, as well as interference for other hostile elections and activities.
The latest attack has been going on since at least, MSTIC said, with the Nobelium mobilized “diverse and dynamic toolkits that include advanced malware”.
– An important link in the supply chain – “Nobelium has been trying to replicate the approach that has been used in the past attack by targeting an inseparable organization with the Global IT supply chain,” said Vice President Microsoft Tom Burt published at the end of the week.
This time, Burt noted, Nobelium targets “Reseller” – a company that adjusts Microsoft cloud computing services to use by businesses and other organizations.
“Since May, we have told more than 140 reseller service providers and technology that has been targeted by Nobelium,” he wrote.
“We continue to investigate, but until now we believe 14 of these resellers and service providers have been compromised.” Microsoft said he had told the victims of the latest attacks known.
While it did not determine one of the organizations that was beaten, he noted that they included “victims of interest in intelligence advantage”.
The software company urges its customers to check their security settings, using multi-factor authentication if possible.
This is not the first time Nobelium has returned since Solarwinds, with Microsoft announced in May that he again detected a series of attacks by groups of government institutions, think tanks, consultants and other organizations.
Burt said the speed of the attack increased, with Microsoft told more than 600 customers this year nearly 23,000 intrusion efforts.
While the success rate is only “in one low digit”, this is compared with “attacks from all nation-state actors 20,500 times over the past three years”.
Last year had seen a number of famous cyberattacks with great consequences because the company increasingly found themselves unable to do business when their online infrastructure was compromised.