According to Microsoft Corp, government agencies, think tanks, consultants, and non-governmental organizations are now being targeted by the group behind the SolarWinds cyber attack whioch was identified last year.
“This week we observed cyberattacks by the threat actor Nobelium targeting government agencies, think tanks, consultants, and non-governmental organizations”, Microsoft said in a blog.
According to Microsoft, with its origins in Russia, Nobelium is the same group that was behind the attacks on customers of SolarWinds in 2020.
It was a few weeks ago on May 7 that the ransomware attack on Colonial Pipeline happened which resulted in shutting down of the largest fuel pipeline network of the United States for a number of days which disrupted the supply throughout the country.
“This wave of attacks targeted approximately 3,000 email accounts at more than 150 different organizations”, Microsoft said on Thursday.
Microsoft said that the group targeted victims in at least 24 countries even though the organizations in the US were the target of the largest share of the attacks.
Microsoft said in the blog hat that international development, humanitarian issues and human rights work were the major engagements of at least a quarter of the targeted organisations.
This week’s attacks were launched by Nobelium by first breaching an email marketing account that was used by the United States Agency For International Development (USAID) and phishing attacks on many other organisations were launched from there, Microsoft said.
The hackers had obtained access to thousands of companies and government offices that used the products of the information technology company SolarWinds and which was identified in December last year. That cyber attack was described by Microsoft President Brad Smith as “the largest and most sophisticated attack the world has ever seen”.
While denying responsibility for the SolarWinds cyber attack, Russia’s spy chief said this month that he was “flattered” by the accusations from the United States and Britain about such a sophisticated hacking program was orchestrated by Russian foreign intelligence.
The SolarWind hacking, which hacked into federal agencies of the United States and hundreds of private sector companies, had been conducted by Russia’s Foreign Intelligence Service (SVR), successor to the foreign spying operations of the KGB, as alleged by the US and Britain.
Microsoft said that the cyber hacks and attempts of the attacks as identified on Thursday by Microsoft apparently was a continuation of more than one efforts of the hackers for targeted government agencies related to foreign policy as part of intelligence gathering efforts, Microsoft said.
The Microsoft was currently trying to inform all of its customers who were targeted by the hacking attempts and the company had “no reason to believe” that any exploitation or vulnerability in Microsoft’s products or services were involved in these attacks, the company said.
(Adapted from Reuters.com)