Microsoft Says Russian Hackers Again Target Global Supply Chain

October 26, 2021 by Tom Ramstack
Microsoft Says Russian Hackers Again Target Global Supply Chain
In this Jan. 28, 2020, photo, a Microsoft computer is among items displayed at a Microsoft store in suburban Boston. (AP Photo/Steven Senne)

WASHINGTON — Microsoft announced Monday that the same hackers who tapped into U.S. government computers in the 2020 SolarWinds cyberattack continue to attack the global supply chain but with a slightly revamped strategy.

This time, the Russia-backed group Microsoft calls Nobelium is piggybacking onto the software of cloud service reseller companies in an apparent attempt to break into their customers’ information technology systems.

Microsoft said in a statement that Nobelium secretly inserts spying software into the resellers’ systems to “more easily impersonate an organization’s trusted technology partner to gain access to their downstream customers.”

Microsoft officials do not yet have an assessment of how much damage Nobelium has done.

“Fortunately, we have discovered this campaign during its early stages, and we are sharing these developments to help cloud service resellers, technology providers, and their customers take timely steps to help ensure Nobelium is not more successful,” Microsoft vice president Tom Burt said in a blog post.

Resellers act as intermediaries in computer system distribution by purchasing software or hardware from manufacturers or wholesalers, selling it to customers and managing their accounts. The customers necessarily put a high degree of trust in their services.

Microsoft said that since May, it has notified more than 140 companies that they were targets of the Nobelium attacks. Fourteen of them are likely to have had their systems hacked.

The latest attack bears similarities to the 2020 SolarWinds attack for the way it embeds spyware into what appears to be legitimate software products.

The SolarWinds attack found a weakness in a popular cybersecurity program that allowed it to spy on government and corporate computers globally.

In the United States, the U.S. departments of Treasury, Commerce and Homeland Security all reported being hacked. Internationally, the victims included the North Atlantic Treaty Organization, the European Parliament, the United Kingdom’s Defense Ministry and pharmaceutical giant AstraZeneca.

So far, the U.S. government is downplaying the importance of the attack Microsoft announced Monday, describing it as a routine password spray and phishing attack.

However, Microsoft indicated it might be more serious. The company has notified more than 600 of its customers that it recorded 22,868 Nobelium attacks on their systems.

Although their success rate is small, Microsoft described the attack as the largest it had seen from a single country in years. Microsoft also left no doubt the Russian government was suspected.

“Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government,” the Microsoft blog post said.

The U.S. government blamed Russia’s SVR foreign intelligence agency for the SolarWinds attack. Its apparent motive was to help Russia gain global supply chain secrets that could give it an economic advantage using other organizations’ technology.

The Microsoft announcement adds another chapter to increasing friction between the United States and Russia over cyberattacks.

President Joe Biden has personally warned Russian President Vladimir Putin to stop the attacks but State Department officials say they see no evidence he has made an effort.

Biden warned Putin after the May 2021 Colonial Pipeline ransomware attack on the pipeline that carries gas and jet fuel from Houston to the Southeastern United States. The Russian hackers demanded $4.4 million in bitcoin before they would release their block on the oil company’s software.

Colonial Pipeline paid the ransom but the pipeline was shut down for five days.

Tom can be reached at [email protected].

A+
a-
  • Microsoft
  • Russia
  • Russian hacking
  • supply chain
  • In The News

    Health

    Voting

    In The News

    March 28, 2024
    by Dan McCue
    Silicon Valley-Based Firm Launches ‘Radar as a Service’

    BELMONT, Calif. — At first the idea sounds about as un-Silicon Valley as one can get. After all, the basic... Read More

    BELMONT, Calif. — At first the idea sounds about as un-Silicon Valley as one can get. After all, the basic concept underlying radar was proven in 1886, when a German physicist named Heinrich Hertz showed that radio waves could be reflected from solid objects. And the... Read More

    March 28, 2024
    by Dan McCue
    Elections Task Force Prosecutes 2020 ‘Vigilantes,’ Seeks More Civic Dialogue

    PHOENIX, Ariz. — A 46-year-old Ohio man has been sentenced to 30 months in prison for sending death threats to... Read More

    PHOENIX, Ariz. — A 46-year-old Ohio man has been sentenced to 30 months in prison for sending death threats to an Arizona election official. The sentencing of Joshua Russell, of Bucyrus, Ohio, came after he pleaded guilty to one count of making a threatening interstate communication.... Read More

    March 28, 2024
    by Tom Ramstack
    Disney World Settles with Florida After Its Opposition to 'Don’t Say Gay' Law

    ORLANDO — The company that runs Walt Disney World reached a settlement Wednesday with appointees of Florida Gov. Ron DeSantis... Read More

    ORLANDO — The company that runs Walt Disney World reached a settlement Wednesday with appointees of Florida Gov. Ron DeSantis who were exerting controversial regulatory control over the huge tourism complex. The settlement resolves some of the disputes that arose after Disney officials publicly denounced the... Read More

    US Changes How It Categorizes People by Race and Ethnicity. It's the First Revision in 27 Years

    ORLANDO, Fla. (AP) — For the first time in 27 years, the U.S. government is changing how it categorizes people by race and... Read More

    ORLANDO, Fla. (AP) — For the first time in 27 years, the U.S. government is changing how it categorizes people by race and ethnicity, an effort that federal officials believe will more accurately count residents who identify as Hispanic and of Middle Eastern and North African heritage. The revisions... Read More

    March 28, 2024
    by Dan McCue
    Vice President Harris Rolls Out First Government-Wide Policy to Mitigate AI Risks

    WASHINGTON — Vice President Kamala Harris on Wednesday rolled out the Biden administration’s first government-wide policy intended to mitigate the... Read More

    WASHINGTON — Vice President Kamala Harris on Wednesday rolled out the Biden administration’s first government-wide policy intended to mitigate the risks associated with artificial intelligence while still enabling its use to advance the public interest. The new policy, which is being issued through the White House... Read More

    March 27, 2024
    by TWN Staff
    Rep. Cleaver New Co-Chair of House Renewable Energy and Energy Efficiency Caucus

    WASHINGTON — Rep. Emanuel Cleaver II, D-Mo., is the new Democratic co-chair of the House Renewable Energy and Energy Efficiency... Read More

    WASHINGTON — Rep. Emanuel Cleaver II, D-Mo., is the new Democratic co-chair of the House Renewable Energy and Energy Efficiency Caucus. He was invited to serve as co-chair by Sens. Jack Reed, D-R.I., and Mike Crapo, R-Idaho, the co-chairs of the Senate Renewable Energy and Energy... Read More

    News From The Well
    scroll top