Russian cyberattacks target more US networks
October 25, 2021The Russian-based agency that orchestrated last year's SolarWinds cyberattacks — Nobelium — has hit hundreds more companies and organizations, according to tech giant Microsoft.
The company said it believes the activity shows Russia is seeking to grab a technological foothold in the US that would allow it better to spy on Kremlin targets, either now or in the future.
What is Microsoft saying happened?
In a blog on its website, Microsoft said Nobelium's latest wave of attacks had targeted "resellers and other technology service providers."
The attacks were part of a broad campaign over the summer this year, Microsoft said.
The tech giants said it had notified 609 customers between July 1 and October 19 that they had been attacked 22,868 times in total.
By comparison, there have been fewer attempts than that number over the past three years leading up to July 1.
However, only a small proportion of the latest attempts had been successful, Microsoft said in its blog.
The company said it believed as many as 14 of these resellers and service providers have been compromised.
What are the hackers trying to do?
In its blog, Microsoft said Russia was trying to establish a technological bridgehead that would help with its surveillance operations.
"This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling — now or in the future — targets of interest to the Russian government," Microsoft wrote.
The tech firm said it had learned enough about the new attacks, which began as early as May, to provide information that would "defend against this new approach."
US officials told The New York Times newspaper that the string of cyberattacks amounted to an "unsophisticated, run-of-the-mill operation that could have been prevented if the cloud service providers had implemented baseline cybersecurity practices."