Thursday, September 1, 2022

Russian hackers target US networks in ‘ongoing’ cyberattack

Must Read

NYC mom, kids remain homeless 3 years into eviction fight

A homeless Manhattan widow is waging war against her billionaire landlord. Deborah Privitello, mom of three, has been forced...

Cardinals not getting enough respect, even as NFL’s best team

The Cardinals sit quietly atop the NFC West with the best record in the NFL, and yet there’s... CEO to take leave of absence after Zoom layoff disaster Chief Executive Officer Vishal Garg is taking time off effective immediately, Vice reported on Friday, citing an email...


Russian-linked hackers blamed for the massive cyberattack on the US last year have been targeting hundreds of companies and organizations in its latest wave of attacks on US-based computer networks — as the White House dismisses the incident as “unsophisticated, run-of-the-mill operations.”

In a blog post Sunday, Microsoft said Nobelium — the Russian-based agency behind last year’s widespread SolarWinds attack — has been targeting cloud service providers and technology service organizations in a bid to obtain data.

The attacks have targeted organizations in the US and Europe since May, Microsoft said.

One of Microsoft’s top security officers, Tom Burt, told the New York Times, which first reported the breach, that the latest attack was “very large and ongoing.”

“Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain. This time, it is attacking a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage cloud services and other technologies on behalf of their customers,” Microsoft said in its blog post.

A smartphone displays the Microsoft logo in this illustration taken July 26, 2021.
Top Microsoft security officer Tom Burt claims Russian agency Nobelium is trying to disrupt the “global IT supply chain.”

“We believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers’ IT systems and more easily impersonate an organization’s trusted technology partner to gain access to their downstream customers.” 

Microsoft said it had notified 609 customers between July 1 and Oct. 19 that they had been attacked.

The company insisted only a small percentage of the latest attempts were successful.

President Joe Biden greets Russian President Vladimir Putin during a US-Russia Summit in Geneva, Switzerland on June 16, 2021.
President Biden greets Russian President Vladimir Putin during a US-Russia summit in Geneva, Switzerland, on June 16, 2021.
Getty Images

“This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling — now or in the future — targets of interest to the Russian government,” Microsoft said.

“The attacks we’ve observed in the recent campaign against resellers and service providers have not attempted to exploit any flaw or vulnerability in software but rather used well-known techniques, like password spray and phishing, to steal legitimate credentials and gain privileged access.”

A Microsoft logo adorns a building in Chevy Chase, Maryland.
Russian agency Nobelium is hacking US-based technology service organizations, according to Microsoft.
AFP via Getty Images

Microsoft said it had learned enough about these new attacks to provide information that “can be used to defend against this new approach.”  

A Biden administration official told the Times the latest attacks were “unsophisticated, run-of-the-mill operations that could have been prevented if the cloud service providers had implemented baseline cybersecurity practices.”

President Joe Biden leaves after Mass at Saint Joseph on the Brandywine in Wilmington, Delaware on October 23, 2021.
President Biden leaves after Mass at St. Joseph on the Brandywine in Wilmington, Del., on October 23, 2021.
AFP via Getty Images

“We can do a lot of things … but the responsibility to implement simple cybersecurity practices to lock their — and by extension, our — digital doors rests with the private sector,” the official said.

The US government blamed Russia for the major breach of government agencies last year known as the SolarWinds hack.

President of Russia Vladimir Putin
The Biden administration has not blamed Russian President Vladimir Putin for the latest cyberattacks on US-based computer networks.
Russian Look via ZUMA Press Wire

President Biden hit Russia with sanctions back in April in the wake of the attack.


Source link

- Advertisement -
- Advertisement -
Latest News

NYC mom, kids remain homeless 3 years into eviction fight

A homeless Manhattan widow is waging war against her billionaire landlord. Deborah Privitello, mom of three, has been forced...
- Advertisement -

More Articles Like This

- Advertisement -