(Reuters) – The Russian-based agency behind last year's massive SolarWinds cyberattack has targeted hundreds of more companies and organizations in its latest wave of attacks on US-based computer systems, Microsoft said in a blog post.
Microsoft, in a blog post dated October 24, said Nobelium's latest wave aimed at "resellers and other technical service providers" of cloud services. These attacks were part of a broader campaign over the summer, Microsoft said, adding that they had notified 609 customers between July 1 and October 19 that they had been attacked.
Only a small percentage of recent attempts were successful, Microsoft told the New York Times, which first reported the intrusion, but it did not provide further details. Officials confirmed to the Times that the operation was under way, with an unnamed senior administrative official calling it "unsophisticated, enterprising activity that could have been prevented if cloud service providers had implemented basic cybersecurity practices."
"This recent activity is another indicator that Russia seeks to gain long-term, systematic access to a wide range of points in the technology supply chain and to establish a mechanism to monitor-now or in the future-goals of interest to the Russian government, "Microsoft wrote.