The Russian-backed hacking group Nobelium responsible for the SolarWinds attack that has been targeting more companies with the goal of disrupting the worldwide IT supply chain.
Microsoft warned in a blog post published Monday that a hacker group linked to Russia’s intelligence agency has been engaged in a major campaign to gain access to thousands of government and private computer networks, indicating that Moscow-backed cyberattacks on the United States have continued despite the Biden administration’s sanctions.
NOBELIUM, the group behind the Solar Winds attack, has been targeting several cloud service providers and other IT services firms situated in the United States and Europe since May 2021, according to a Microsoft blog.
Read more: Microsoft Azure fends off 2.4 Tbps DDoS attack, one of the largest ever recorded
Microsoft said it has notified victims of “nation-state” operations and is working with them to widen its investigation.
According to Tom Burt, Microsoft’s vice president of customer security, NOBELIUM’s current effort is “quite significant, and it is ongoing,” according to the New York Times.
According to the New York Times, federal officials said the operation, which appeared to be funded by Russia’s foreign intelligence agency SVR, was targeted at acquiring access to data stored in the cloud.
Number Of Attacks Carried Out By NOBELIUM
22,868, that’s the total number of NOBELIUM attacks between July 1 and October 19, according to a separate blog post published on Sunday by Burt. According to Microsoft, the attacks impacted 609 businesses in total.
“This new activity is another indicator that Russia is attempting to secure long-term, systematic access to a number of locations in the technological supply chain and develop a mechanism for surveilling – now or in the future – targets of interest to the Russian government,” Burt said.
