Video Source: YouTube, CNBC TV
The group behind the SolarWinds cyberattack identified late last year is currently targeting government agencies, think tanks, consultants, and non-governmental organizations, Microsoft Corp said Thursday.
“This week, Microsoft confirmed a cyberattack by attacker Nobelium targeting government agencies, think tanks, consultants, and non-governmental organizations.
According to Microsoft, Russian-born Nobelium is the same actor behind the 2020 SolarWinds customer attack.
The comment came a few weeks after the May 7 ransomware attack on the Colonial Pipeline closed the United States’ largest fuel pipeline network for several days and disrupted the country’s supply.
“This wave of attacks targeted about 3,000 email accounts in more than 150 different organizations,” Microsoft said Thursday.
The most attacked were US organizations, but Microsoft says the targeted victims come from at least 24 countries.
Microsoft said in a blog that at least a quarter of the targeted organizations were involved in international development, humanitarian issues and human rights activities.
Microsoft says Nobelium broke into the email marketing account used by the United States Agency for International Development (USAID) this week and launched phishing attacks on many other organizations from there.
A hack of the IT company SolarWinds identified in December granted access to thousands of companies and government agencies using the product. Microsoft President Brad Smith described the attack as “the largest and most sophisticated attack the world has ever seen.”
This month, a Russian spy chief denied responsibility for the SolarWinds cyberattack, but said he was “sick” of the US and British accusations that Russian foreign intelligence agencies were behind such clever hacks. ..
The United States and the United Kingdom have accused Russia’s Foreign Intelligence Service (SVR), the successor to KGB’s foreign espionage, of hacking of nine U.S. federal agencies and hundreds of private companies. ..
The attack, which Microsoft revealed Thursday, appeared to be a continuation of multiple efforts targeting government agencies involved in foreign policy as part of its intelligence gathering efforts, Microsoft said.
The company is in the process of notifying all targeted customers and said it “has no reason to believe” that these attacks are related to the exploitation and vulnerabilities of Microsoft products and services.