Advertisement

Microsoft says Russian group behind SolarWinds hack targeting government agencies

Click to play video: 'FireEye CEO says SolarWinds hack was found after security staff noticed issue with employee account'
FireEye CEO says SolarWinds hack was found after security staff noticed issue with employee account
WATCH: FireEye CEO says SolarWinds hack was found after security staff noticed issue with employee account – Feb 14, 2021

The group behind the SolarWinds cyber attack identified late last year is now targeting government agencies, think tanks, consultants, and non-governmental organizations, Microsoft said late on Thursday.

“This week we observed cyberattacks by the threat actor Nobelium targeting government agencies, think tanks, consultants, and non-governmental organizations,” Microsoft said in a blog post.

Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020, according to Microsoft.

“This wave of attacks targeted approximately 3,000 email accounts at more than 150 different organizations,” Microsoft said.

While organizations in the United States received the largest share of attacks, targeted victims came from at least 24 countries, Microsoft said.

Story continues below advertisement

At least a quarter of the targeted organizations were involved in international development, humanitarian issues and human rights work, Microsoft said in the blog.

Nobelium launched this week’s attacks by breaking into an email marketing account used by the United States Agency For International Development (USAID) and from there launching phishing attacks on many other organizations, Microsoft said.

For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.

Get breaking National news

For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

The hack of information technology company SolarWinds, which was identified in December, gave access to thousands of companies and government offices that used its products. Microsoft President Brad Smith described the attack as “the largest and most sophisticated attack the world has ever seen.”

Click to play video: 'Scope of cyberattack that affected U.S. government agencies growing'
Scope of cyberattack that affected U.S. government agencies growing

This month, Russia’s spy chief denied responsibility for the SolarWinds cyber attack but said he was “flattered” by the accusations from the United States and Britain that Russian foreign intelligence was behind such a sophisticated hack.

Story continues below advertisement

The United States and Britain have blamed Russia’s Foreign Intelligence Service (SVR), successor to the foreign spying operations of the KGB, for the hack which compromised nine U.S. federal agencies and hundreds of private sector companies.

The attacks disclosed by Microsoft on Thursday appeared to be a continuation of multiple efforts to target government agencies involved in foreign policy as part of intelligence gathering efforts, Microsoft said.

The company said it was in the process of notifying all of its targeted customers and had “no reason to believe” these attacks involved any exploitation or vulnerability in Microsoft’s products or services.

(Reporting by Kanishka Singh and Sabahatjahan Contractor in Bengaluru; editing by Robert Birsel)

Sponsored content

AdChoices