
The Russian hacking group that targeted SolarWinds has continued to target computer networks in the US

It appears that Nobelium, the Russian hacking group that was responsible for the SolarWinds breach, is still active.

According to Microsoft, the Russian hackers responsible for the successful 2020 breach of US federal agencies have compromised up to 14 technology companies since May as part of what appears to be another espionage campaign.


This time the hackers have targeted a different segment of the supply chain than in the 2020 breach: businesses that purchase and distribute software and companies that manage cloud computing services. Microsoft did not name the victim companies or the ultimate targets of the alleged Russian spies.


After CNN reported earlier this month that the Russian hacking group had been attempting to infiltrate US and European government networks through compromised technology vendors, Microsoft issued a statement. This is the first time that Microsoft has commented on the matter.


According to Tom Burt, corporate vice president for customer security and trust at Microsoft, "this recent activity is yet another indication that Russia is attempting to establish long-term, systematic access to a variety of points in the technology supply chain as well as a mechanism for surveilling – now or in the future – targets of interest to the Russian government."


According to Microsoft, the hackers used common techniques such as phishing in an attempt to hack into more than 140 software resellers and other technology companies. The ultimate goal, according to Burt, is to "impersonate an organization's trusted technology partner in order to gain access to downstream customers."


It's the latest development in the investigation of a Russian group that has confounded US government and corporate defenses over the last two years, according to the New York Times.


The hackers are best known for hacking into at least nine US government agencies in December 2020 using tampered software developed by federal contractor SolarWinds. For months, the attackers remained undetected in the unclassified email networks of the Departments of Justice, Homeland Security, and other government agencies.


The Obama administration accused Russia's foreign intelligence service, SVR, of exposing thousands of SolarWinds customers to malicious code in April, and the SVR has denied any involvement. Moscow has adamantly maintained its innocence.


A common accusation leveled against Russian intelligence agents is that they cast a wide net of potential victims before sifting through them in search of valuable targets. According to Microsoft, this is exactly what happened in May, when hackers pretended to be from a US government agency and sent malicious emails to 150 organizations in 24 different countries. A former US ambassador to Russia, as well as anti-corruption activists in Ukraine, were reportedly targets of that spying operation. According to Microsoft, Nobelium targeted 3,000 email accounts at a variety of organizations, the majority of which were based in the United States.


On Monday morning, Rob Joyce, director of the National Security Agency's Cybersecurity Directorate, shared the Microsoft announcement on Twitter and urged organizations to follow the security recommendations provided by the company.


Defense Secretary Lloyd Austin previously stated to CNN that the United States has "offensive options" for responding to cyberattacks, but he did not specify what those options are or how they would be implemented.


Following revelations that hackers had injected malicious code into a SolarWinds tool, the United States government has placed a high priority on cybersecurity. A ransomware attack in May shut down the Colonial Pipeline, one of the most critical pieces of energy infrastructure in the United States, which brought further attention to the issue.
