Last year a hacker group used a bit of malicious code it hid in a software update by the company SolarWinds to launch an immense cyberattack against U.S. government agencies and corporations.
The group behind the attack, Nobelium, is reportedly being directed by the Russian intelligence service. And they're at it again.
According to Microsoft, one of the victims of the SolarWinds hack, the group is targeting technology companies that resell and provide cloud services for customers.
"Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain," Tom Burt, Microsoft's Corporate Vice President of Customer Security & Trust, said in a blog post on the company's website.
"We believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers' IT systems and more easily impersonate an organization's trusted technology partner to gain access to their downstream customers," he added.
The hacker group hasn't tried to ferret out vulnerabilities in software, Burt said, but rather has been using techniques like phishing and password spray to gain entry to the targeted networks.
Copyright 2021 NPR. To see more, visit https://www.npr.org.