Russian hackers targeting tech supply chain in defiance of Biden

By Jamie Tarabay

More than 140 technology service providers and resellers have been notified as recent targets of the hackers and 14 of them are believed to have been compromised, Microsoft said in a blog on Monday. — AFP Relaxnews

Microsoft Corp said the hackers behind the SolarWinds cyberattack are engaged in a fresh campaign to compromise global networks by targeting the tech supply chain, including resellers and providers of cloud technology.

Microsoft attributes the coordinated attack, which was first observed in May, to a group called Nobelium, the same state-sponsored Russian hackers who used sophisticated intrusion techniques in 2020 to infect with malware as many as 18,000 customers of Texas-based software company SolarWinds Corp.

More than 140 technology service providers and resellers have been notified as recent targets of the hackers and 14 of them are believed to have been compromised, Microsoft said in a blog on Monday.

Nobelium was also behind an attack on IT companies, governments, think tanks and financial service entities earlier this year that spanned 36 countries, Microsoft announced in June.

When they met in Geneva in the summer, US President Joe Biden said he gave Russian President Vladimir Putin a list of 16 critical sectors that shouldn’t be hacked to deter a cyber response from the US government, but the attacks have continued. The Kremlin, for its part, has repeatedly denied responsibility for any hacking attacks.

This time, between July and October this year, “we informed 609 customers that they had been attacked 22,868 times by Nobelium, with a success rate in the low single digits,” Microsoft corporate vice-president of customer security and trust Tom Burt wrote.

The Redmond, Washington-based company said this activity was another indicator that “Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain, and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government.”

The White House, which issued an executive order in May this year urging the private sector to bolster its cyber defenses, said it was increasing its intelligence sharing and other measures to protect against cyber threats.

The attacks described in the Microsoft blog were unsophisticated operations attempted daily by Russia and other foreign governments. The attackers weren’t attempting to exploit any flaws or vulnerabilities in software but instead using “well-known” techniques to steal credentials, the blog said. – Bloomberg

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 46
Cxense type: free
User access status: 3

Related stories:

Protecting yourself from the dangers of keyless entry

US hacker stole cryptocurrency, scammed influencers and avoided the feds — until he crossed his partners

Poll: Cyberattacks concerning to most in US

Join our Telegram channel to get our Evening Alerts and breaking news highlights

   

Report it to us.

Next In Tech News
Electric-car maker Lucid receives subpoena from SEC
EU regulators pause investigation into Nvidia, ARM deal
TikTok owner ByteDance ramps up e-commerce expansion with launch of Fanno shopping app in Europe
Delivery Hero thwarted again in attempt to buy a Saudi rival
Apple starts legal action against Russian regulator in App Store dispute -RIA
Philippines e-wallet unicorn considers crypto, stocks platform
Digital payments push fails to deter demand for cash in Nigeria
Smart Highway Sandbox programme will integrate technological innovations into highways, says Adham Baba
Free 5G networks to go live Dec 15 in parts of KL, Putrajaya, and Cyberjaya
Executive at Swiss tech company said to operate secret surveillance operation

Trending in Tech

Others Also Read

Load more

Vouchers

View More Vouchers

Copyright © 1995- Star Media Group Berhad (10894D)

Best viewed on Chrome browsers.