SolarWinds hackers hit 150 organisations in new wave of attacks

Microsoft warns that “nation-state cyber attacks aren’t slowing”

The hackers behind last year's SolarWinds cyber attack have launched a new wave of attacks on more than 150 government agencies, think tanks, consultants, and NGOs from 24 countries.

An estimated 3,000 email accounts had been targeted, according to new findings from Microsoft, most of which are based in the US, with at least a quarter being organisations focused on international development, human rights, and humanitarian work.

In a blog post detailing the research, the tech giant said it is in the process of notifying all of its customers who had been attacked by the Nobelium hacking group, which is thought to be backed by the Russian state.

Nobelium is said to have been behind December 2020's SolarWinds hack, which saw hundreds of companies, as well as nine US governmental agencies, have their networks infiltrated. Although widely believed to have been orchestrated by the Russian government, the head of the Russian Foreign Intelligence Service (SVR) has denied any involvement in the incident and has branded the accusations "pathetic".

However, Tom Burt, Microsoft's corporate VP of Customer Security & Trust, said that Nobelium's activities tend to coincide with the "issues of concern to the country from which they are operating".

"This is yet another example of how cyber attacks have become the tool of choice for a growing number of nation-states to accomplish a wide variety of political objectives, with the focus of these attacks by Nobelium on human rights and humanitarian organisations," he added.

Related Resource

NETSCOUT threat intelligence report

Cyber crime: Exploiting a pandemic

Threat intelligence report - whitepaper from NETSCOUTDownload now

According to Burt, Nobelium's main objective is to "gain access to trusted technology providers and infect their customers". He also warned that "nation-state cyber attacks aren't slowing". 

"We need clear rules governing nation-state conduct in cyberspace and clear expectations of the consequences for violation of those rules. We must continue to rally around progress made by the Paris Call for Trust and Security in Cyberspace, and more widely adopt the recommendations of the Cybersecurity Tech Accord, and the CyberPeace Institute. But, we need to do more. Microsoft will continue to work with willing governments and the private sector to advance the cause of digital peace," he added.

IT Pro has contacted Microsoft for comment on whether any UK organisations had been targeted by Nobelium and will update this article when new information becomes available.

Featured Resources

The definitive guide to warehouse efficiency

Get your free guide to creating efficiencies in the warehouse

Free download

The total economic impact™ of Datto

Cost savings and business benefits of using Datto Integrated Solutions

Download now

Three-step guide to modern customer experience

Support the critical role CX plays in your business

Free download

Ransomware report

The global state of the channel

Download now

Recommended

Researchers disclose top flaws abused by ransomware gangs
ransomware

Researchers disclose top flaws abused by ransomware gangs

20 Sep 2021
Best MDM solutions 2020
mobile device management (MDM)

Best MDM solutions 2020

17 Sep 2021
How do hackers choose their targets?
hacking

How do hackers choose their targets?

17 Sep 2021
Owner of DDoS for hire sites found guilty of hacking offences
distributed denial of service (DDOS)

Owner of DDoS for hire sites found guilty of hacking offences

17 Sep 2021

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Google takes down map showing homes of 111,000 Guntrader customers
data breaches

Google takes down map showing homes of 111,000 Guntrader customers

2 Sep 2021
Intuit plans end-to-end SMB platform after $12 billion Mailchimp acquisition
mergers and acquisitions

Intuit plans end-to-end SMB platform after $12 billion Mailchimp acquisition

14 Sep 2021