The Nobelium group, accused of being behind the SolarWinds attack, continues its criminal activities, according to a new Microsoft report published on October 25, 2021. Since May 2021, it has been targeting “key players in the technology supply chain. global, “he said. Tom Burt, Microsoft vice president of customer security and report writer. A total of 140 companies were attacked and 14 were compromised.
Nobelium would attempt to “replicate the approach it has used in previous attacks by targeting organizations that are an integral part of the global IT supply chain.” But this time around, the malicious campaigns target “resellers and others. Technology service providers who customize, implement and manage cloud services and other technologies on behalf of their customers,” says Tom Burt.
Through this modus operandi, criminals want to gain access to the information systems of the clients of the large target companies. This is called a supply chain attack that aims to affect an organization by targeting less secure elements of the supply chain.
Phishing and password fumigation
But unlike SolarWinds, where they compromised the Orion software package, criminals turn to phishing and password spray. The last technique aims to access a large number of accounts with a few commonly used passwords.
Nobelium is accused of being linked to Russia. Which makes Tom Burt say that “this recent activity is a new indicator that Russia is trying to gain systematic long-term access to various points in the technology supply chain and establish a follow-up mechanism, now or in the future. future, of objectives of interest to the Russian Government “.
Russia dismisses the accusations
As with SolarWinds, Russia denies any involvement in this cyberattack campaign. Kremlin spokesman Dmitry Peskov said that “while it is true that there have been attacks for many months and the Americans have done nothing about it, it is wrong to immediately blame the unsubstantiated Russians.”
Since coming to power, President Joe Biden has toughened American laws. In particular, he issued a decree “on improving the nation’s cyber security” in May 2021. This text dictates a better flow of information between government agencies and technology companies and created a cyber incident review committee.
Woodmart Theme Nulled, WP Reset Pro, Newspaper 11.2, Newspaper – News & WooCommerce WordPress Theme, Premium Addons for Elementor, Rank Math Seo Pro Weadown, WeaPlay, WordPress Theme, Plugins, PHP Script, Jannah Nulled, Elementor Pro Weadown, Woocommerce Custom Product Ad, Business Consulting Nulled, Jnews 8.1.0 Nulled, Avada 7.4 Nulled, Nulledfire, Dokan Pro Nulled, Yoast Nulled, Flatsome Nulled, PW WooCommerce Gift Cards Pro Nulled, Astra Pro Nulled, Woodmart Theme Nulled, Slider Revolution Nulled, Wordfence Premium Nulled, Elementor Pro Weadown, Wpml Nulled, Consulting 6.1.4 Nulled, Fs Poster Plugin Nulled