[ad_1]
RICHMOND, Va. — Microsoft He said Monday that the same Russia-backed hackers responsible for the 2020 SolarWinds breach continue to attack the global technology supply chain and have been targeting cloud service companies and others relentlessly since the summer.
group, which Microsoft Nobelium implemented a new strategy to reclaim cloud service vendors’ direct access to their customers’ IT systems, hoping to “easier impersonate an organization’s trusted technology partner to gain access to downstream customers.” Resellers act as intermediaries between giant cloud companies and their end customers, managing and customizing accounts.
“Fortunately, we discovered this campaign in its early stages, and we are sharing these developments to help cloud service vendors, technology providers, and customers take timely steps to help Nobelium become more successful,” said Tom Burt. Microsoft The vice president said in a blog post.
Biden downplays the administration Microsoft‘ announcement. Insisting on anonymity to discuss the government’s response, a US government official noted that the “disclosed activities were unsophisticated password spraying and phishing, unusual operations for surveillance purposes that we already know are attempted daily. by Russia and other foreign governments.
The Russian Embassy did not immediately respond to a request for comment.
US-Russian relations are already strained this year due to a series of high-profile ransomware attacks against US targets launched by Russia-based cyber gangs. US President Joe Biden warned Russian President Vladimir Putin to crack down on ransomware criminals, but several senior management cybersecurity officials said they’ve seen no evidence of it lately.
Supply chain attacks allow hackers to steal information from multiple targets by hacking into a single product that they all use. The US government has previously blamed Russia’s SVR foreign intelligence agency for the SolarWinds hack, a supply chain hack that went undetected for most of 2020, jeopardizing several federal agencies and badly embarrassing Washington.
Microsoft It has been observing Nobelium’s latest campaign since May and has notified more than 140 companies targeted by the group, with close to 14 believed to be in jeopardy. The attacks have become increasingly brutal since July. Microsoft He noted that 609 customers were hacked by Nobelium 22,868 times and informed with a low single-digit success rate. This is more attack Microsoft had marked all nation-state actors in the previous three years.
“Russia is trying to gain long-term, systematic access to various points in the technology supply chain and to establish a mechanism to spy on targets that, now or in the future, are of interest to the Russian government,” Burt said.
Microsoft did not name any of the hackers’ targets in their recent campaigns. But cybersecurity firm Mandiant said it has seen victims in both Europe and North America.
Mandiant Chief Technology Officer Charles Carmakal said the hackers’ method of chasing dealers makes it harder to detect.
“It shifts the initial attack from endpoints, which in some cases are organizations with more mature cyber defences, to smaller technology partners with less mature cyber defences,” he said.
• AP business writer Matt Ott, of Silver Spring, Maryland, contributed to this story.
[ad_2]
Source link