[ad_1]
for a senior manager Solar WindsHe says he knows big companies whose breach by hackers endangered federal networks, silently coming face to face with national hackers such as those who shot his company.
“I talked to a number of large companies or organizations. [susceptible] to a nation-state. They will say to me, ‘Yes, it happened to us’. Yes, we know about these threat actors, but they have not been made public. “We haven’t talked about it, but they’re there,” he said. Solar Winds information security chief Tim Brown said news site Cyber Security Dive. “So I think by coming out and talking about it, we’re making it real for the people who do it, so it’s not theoretical anymore.”
The Biden administration said: Solar Winds Violating the work of the Russian Foreign Intelligence Service (SVR). In April, the administration imposed sanctions on Russia for the attack on Russia. Solar Winds This was made public last year, saying the U.S. government has put nine federal agencies at risk.
After sanctions were imposed, Microsoft said in May it observed cyberattacks by the same hacker targeting government agencies, think tanks, consultants and nonprofits.
Microsoft also said the new attacks targeted nearly 3,000 email accounts in more than 150 organizations, but Microsoft noted that it “is currently seeing no evidence of a significant number of compromised organizations.”
On Sunday, Microsoft announced that the same hackers, which it calls “Nobeliums,” are observing it by choosing a different target – organizations that make up critical aspects of the global information technology supply chain, particularly technology service providers that deploy and manage cloud services.
“These attacks are part of a larger wave of Nobelium events this summer,” wrote Tom Burt, Microsoft corporate vice president, on the company’s blog. “In fact, between July 1 and October 19 this year, we informed 609 customers that they had been hacked 22,868 times by Nobelium, with a low single-digit success rate. By comparison, before July 1, 2021, we reported 20,500 times to our customers about attacks by all nation-state actors over the past three years.”
Cybersecurity experts said it shouldn’t come as a surprise to reports that Russian hackers are continuing their attacks.
“If anyone is surprised that the SVR is still spying, they should check the intelligence agencies’ mission statement,” said Dmitri Alperovitch, co-founder of cybersecurity firm CrowdStrike. “Solar WindsThe /HolidayBear campaign (pursuing tough targets through IT/cybersecurity companies) was not a one-time operation but a tactical change of direction.”
[ad_2]
Source link