+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

Microsoft says the Russian group behind the SolarWinds hack is now targeting 150 government agencies, NGOs, and think tanks with a massive phishing email campaign

May 29, 2021, 20:11 IST
Business Insider
Microsoft President Brad Smith.Drew Angerer/Getty Images
  • Microsoft said the group behind the SolarWinds attack is targeting government agencies, NGOs, and think tanks.
  • Nobelium, a Russian group, sent about 3,000 malicious emails to accounts across 150 different organizations, Microsoft said.
  • Nobelium broke into an email marketing account used by a US aid agency to stage the email campaign, Microsoft said.
Advertisement

The group behind the SolarWinds cybersecurity attack is now targeting government agencies, think tanks, consultants, and non-governmental organizations, Microsoft said on Thursday.

Russian-based Nobelium targeted around 3,000 email accounts across more than 150 different organizations, Tom Burt, Microsoft vice president of customer security and trust, wrote in a blog post on Thursday.

Nobelium carried out these attacks by breaking into an email marketing account called Constant Contact, used by the United States Agency For International Development (USAID), Microsoft said. It then sent phishing emails that looked authentic but contained malicious content, Microsoft said.

The tech giant's comments come weeks after a ransomware attack on Colonial Pipeline on May 7 shut the largest fuel pipeline network in the US for several days, disrupting the country's supply.

Read more: How hackers breached IT company SolarWinds and staged an unprecedented attack that left US government agencies vulnerable for 9 months

Advertisement

Burt said in the blog that US organizations had the biggest share of cyber attacks, but other targeted victims came from at least 24 countries.

At least a quarter of the targeted organisations were involved in international development, humanitarian issues, and human-rights work, Burt said.

The SolarWinds hack, identified in December, gave hackers access to the thousands of companies and government offices that used SolarWinds' software. Microsoft President Brad Smith described the attack as "the largest and most sophisticated attack the world has ever seen".

This month, Russia's spy chief denied responsibility for the SolarWinds cyberattack, but said he was "flattered" by the accusations from the US and Britain that Russian foreign intelligence was behind such a sophisticated hack.

The US and Britain have blamed Russia's Foreign Intelligence Service (SVR) for the hack, which compromised nine US federal agencies and hundreds of private sector companies.

Advertisement

The attacks disclosed by Microsoft on Thursday appeared to be a continuation of multiple efforts to target government agencies involved in foreign policy as part of intelligence gathering efforts, according to Microsoft.

"Many of the attacks targeting our customers were blocked automatically, and Windows Defender is blocking the malware involved in this attack," Microsoft said in the blog.

The company said it was in the process of notifying all its targeted customers and had "no reason to believe" these attacks involved any exploitation or vulnerability in Microsoft's products or services.

You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article