"Nobelium is trying to replicate the strategy used in past attacks by targeting organizations that are an integral part of the global IT industry supply chain," Tom Burt, vice president at Microsoft, wrote in a blog post on Sunday. in charge of customer safety.

Tom Burt specifies that these new attacks were detected from May 2021.

Since then, Microsoft has notified more than 140 "resellers" (companies offering customization services for remote computing use) and technology server vendors that have been targeted.

14 of them reportedly saw their computer systems compromised.

Nobelium became known to the general public in 2020 for the massive hacking of the computer management software publisher SolarWinds.

The group had carried out a vast operation affecting up to 18,000 SolarWinds customers and more than a hundred American companies.

Attacks backed by Moscow?

Microsoft and the American authorities accuse the Russian government of supporting these pirates, which Moscow denies formally.

US President Joe Biden had imposed financial sanctions on Russia and expelled Russian diplomats following the SolarWinds hack.

“This recent activity is a new indicator that Russia is trying to gain long-term and systematic access to various entry points in the technology supply chain and to establish a monitoring mechanism - now or in the future - targets of interest to the Russian government, ”says Tom Burt.

The manager specifies that this operation is part of an upsurge in computer attacks carried out by Nobelium.

A sharp rise

From July 1 to October 19, Microsoft informed 609 of its customers of nearly 23,000 attacks, a tiny number of which were successful.

Between June 2018 and June 2021, the group “only” recorded a total of 20,500 hacking attempts by all state actors.

As in their previous offensives, Nobelium hackers have resorted to phishing, a method of sending emails that appear genuine but contain malware allowing access to victims' data.

They also used "password spraying," a technique used by hackers to attempt to infiltrate user accounts by testing common passwords.

Microsoft released a series of technical recommendations on Monday to help its customers better protect themselves against Nobelium attacks.

High-Tech

Gmail: Russian hacker attacks are on the rise, Google alert

High-Tech

Microsoft: It is now possible to access your account without a password

  • Hacker

  • Europe

  • United States

  • Piracy

  • Cyber ​​attack

  • Cybercriminality

  • Russia

  • High-Tech

  • Cybersecurity