The group behind the SolarWinds cyberattack recognized late final yr is now focusing on authorities businesses, assume tanks, consultants, and non-governmental organisations, Microsoft stated late on Thursday.
“This week we observed cyberattacks by the threat actor Nobelium targeting government agencies, think tanks, consultants, and non-governmental organisations”, Microsoft stated in a weblog.
Nobelium, originating from Russia, is identical actor behind the assaults on SolarWinds clients in 2020, in line with Microsoft.
“This wave of attacks targeted approximately 3,000 email accounts at more than 150 different organisations”, Microsoft stated.
While organisations within the United States obtained the most important share of assaults, focused victims got here from no less than 24 international locations, Microsoft stated.
At least 1 / 4 of the focused organisations have been concerned in worldwide improvement, humanitarian points and human rights work, Microsoft stated within the weblog.
Nobelium launched this week’s assaults by breaking into an electronic mail advertising account utilized by the United States Agency For International Development (USAID) and from there launching phishing assaults on many different organisations, Microsoft stated.
The hack of data know-how firm SolarWinds, which was recognized in December, gave entry to hundreds of corporations and authorities workplaces that used its merchandise. Microsoft President Brad Smith described the assault as “the largest and most sophisticated attack the world has ever seen”.
This month, Russia’s spy chief denied duty for the SolarWinds cyberattack however stated he was “flattered” by the accusations from the United States and Britain that Russian international intelligence was behind such a complicated hack.
The United States and Britain have blamed Russia’s Foreign Intelligence Service (SVR), successor to the international spying operations of the KGB, for the hack which compromised 9 US federal businesses and lots of of personal sector corporations.
The assaults disclosed by Microsoft on Thursday gave the impression to be a continuation of a number of efforts to focus on authorities businesses concerned in international coverage as a part of intelligence gathering efforts, Microsoft stated.
The firm stated it was within the means of notifying all of its focused clients and had “no reason to believe” these assaults concerned any exploitation or vulnerability in Microsoft’s services or products.
© Thomson Reuters 2021
Â
