Russian hackers who were behind the SolarWinds data breach have launched cyberattacks on government agencies and NGOs, according to Microsoft. The tech giant said that the hackers have targeted more than 150 government agencies, think tanks, and organizations. According to Microsoft, around 3,000 email accounts at various organizations have been targeted by the group. Microsoft has named the hacked – Nobelium. Microsoft in a blog post said that most of the organizations under attack are in the United States. “We believe that hackers behind these attacks are part of the same Russian group that was behind one of the worst data breaches ever that took place last year. Software vendor SolarWinds was the victim of that cyber attack.”
The hackers had targeted at least nine federal agencies and over 100 companies of the United States last year. The cyber-attacks are happening despite the fact it has been one of the areas of major focus for the US government ever since the hacking incident of last year. The government has been working on strengthening the cyber network after it was revealed that hackers had put malicious code in a tool published by SolarWinds. The Colonial Pipeline ransomware attack earlier this month already raised the alarm. The recent cyberattack had led to the shutdown of one of the most important pieces of energy infrastructure in the United States. The Colonial Pipeline ransomware too was carried out by a hacker originating in Russia.
According to Microsoft, most of the organizations that have been under attack were involved in international development and human rights works in at least 24 countries. The company said that the hackers launched the attack by gaining access to the Constant Contact email marketing account used by USAID. After gaining access, the hackers sent phishing emails. These mails look authentic but had a link that can insert malicious files if clicked. This gives bad actors access to computers through a backdoor. “These attacks appear to be the part of Nobelium which has been attacking agencies involved in foreign policy.” Meanwhile, the government and security agencies have not commented on the recent attacks.