SolarWinds hackers targeting more tech companies, Microsoft says

  • In Politics
  • 2021-10-25 11:30:16Z
  • By Axios

Microsoft said Monday that the Russian-backed hackers behind the sprawling SolarWinds breach have targeted at least 140 companies "integral to the global IT supply chain" in a new effort to gain access to their customers' networks.

Why it matters: Despite warnings of retaliation from President Biden, Nobelium, which has been identified by the U.S. government as being part of Russia's foreign intelligence service, has continued major cyber espionage campaigns even after the attention it garnered from the SolarWinds hack.

Stay on top of the latest market trends and economic insights with Axios Markets. Subscribe for free

  • Microsoft warned in May that the group was also attempting to breach computer networks belonging to government agencies, think tanks, consultants and NGOs in order to steal data.

  • The Solarwind breach was uncovered in December 2020 but likely existed for months before its discovery.

What they're saying: The targets of this campaign are primarily resellers and other technology service providers that customize, deploy and manage cloud services and other technologies on behalf of their customers, Microsoft said.

  • "Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain," the company said.

  • "We believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers' IT systems and more easily impersonate an organization's trusted technology partner to gain access to their downstream customers," it added.

  • Microsoft said it has observed these types of attacks from the group since May 2021.

By the numbers: At least 14 of these resellers and service providers have been compromised by Nobelium.

  • Between July and mid-October, Microsoft said it had informed 609 customers that they had been attacked 22,868 times by Nobelium.

  • The group's success rate is currently in the "low single digits," Microsoft said.

The big picture: The Biden administration has devised collection strategies to get ahead of cybercriminals, including offering financial rewards for information that helps identify and locate people engaged in foreign state-sanctioned malicious cyber activities.

  • The administration has also called on major tech companies to work with the federal government to address the growing wave of cyberattacks, and they have responded with new cybersecurity projects and spending plans, Axios' Scott Rosenberg reports.

Go deeper: Google creates cybersecurity team to help respond to attacks


More Related News

World opposition leaders to speak at "Summit for Democracy"
World opposition leaders to speak at "Summit for Democracy"

Opposition leaders from Belarus to Venezuela and Hong Kong will speak during the inaugural "Summit for Democracy" this week, according to an official...

Dems' Corporate Minimum Tax Plan Raises Red Flags

President Biden's social spending and climate plan relies on a new 15% minimum tax on large corporations, which is projected to generate about $320 billion...

Biden's pick to lead major banking regulator drops out

President Biden's pick to head one of the country's most powerful banking regulators is dropping out of consideration for the post, according to a statement ...

Judge temporarily blocks Biden
Judge temporarily blocks Biden's vaccine mandate for federal contractors

A federal judge on Tuesday temporarily blocked President Biden's vaccine mandate for federal contractors nationwide.Why it matters: It's the latest setback...

Biden expressed "deep concerns" to Putin over Ukraine, White House says
Biden expressed "deep concerns" to Putin over Ukraine, White House says

The White House said President Biden voiced "deep concerns" about Russia's "escalation of forces surrounding Ukraine."

Leave a Comment

Your email address will not be published. Required fields are marked with *

Cancel reply


Top News: Politics