Supply Chain Crisis Intensifies as Nobelium Activity Returns


The SolarWinds hack that took place at the end of 2020 is considered to be one of most devastating online attacks ever documented, and heightened public awareness about the significant rise in cybercrime. However, it appears the Russian organization behind this attack, Nobelium, is active yet again, this time aiming to capitalize on the ongoing supply chain dilemma.

According to an official blog post from Microsoft’s VP of Customer Security and Trust, Tom Bert, Nobelium has targeted at least 140 technology resellers and service providers that are major players in global supply chain activity. Microsoft believes that Nobelium is attempting to exploit software and cloud resellers to directly target customer’s personal IT infrastructure.

“The attacks we’ve observed in the recent campaign against resellers and service providers have not attempted to exploit any flaw or vulnerability in software but rather used well-known techniques, like password spray and phishing, to steal legitimate credentials and gain privileged access.” commented Bert in his blog post. “We have learned enough about these new attacks, which began as early as May this year, that we can now provide actionable information which can be used to defend against this new approach.”

Nobelium’s success largely relies on common system processes that network engineers or IT managers rarely give thought to. For instance, the 2020 attack launched after Orion software update was compromised by Nobelium, which eventually allowed the group to introduce malware thanks to thousands of customers unknowingly deploying the software. However, Microsoft has reported that phishing and identity theft is a major strategy in this new campaign.

The sophistication and complexity of these attacks have some experts feeling pessimistic about combating these threats, but creating public awareness is shining more light on this increasing issue. Microsoft issued new technical guidance to help businesses and organizations recognize threat patterns and enhance security measures.

As it stands, the supply chain crisis is fueling anxiety about product availability for the upcoming holiday season. Business leaders can no longer afford to ignore warnings regarding security, so investing in counter measures should be a top priority.

Edited by Maurice Nagle

Editor, TechZone360

Related Articles

How to outsource photo editing for e-commerce

By: Contributing Writer    11/17/2021

Find out how to find a reliable service to outsource photo editing for ecommerce. Learn what factors you should consider and what questions to ask you…

Read More

New Bill Requires Automakers to Development Drunk Driving Prevention Tech

By: Luke Bellos    11/12/2021

Congress recently passed a bipartisan infrastructure bill, which includes a mandate requiring auto companies to develop drunk-driving prevention techn…

Read More

Facebook Whistleblower Shares Metaverse Concerns

By: Luke Bellos    11/11/2021

Whistleblower Francs Haugen recently interviewed with AP News and shared her concerns regarding Facebook's recent shift in attention toward the metave…

Read More

High-Energy High-Power Density Thermal Batteries: High Impact Climate Change Solutions to Expand in China

By: Matthew Vulpis    11/10/2021

For nearly three decades, the United Nations has been bringing together almost every country on earth for global climate summits - called COPs - which…

Read More

New Zealand Cybersecurity Company Helps Squelch BlackMatter Ransomware Scheme

By: Laura Stotler    11/1/2021

A New Zealand cybersecurity firm is stamping out the BlackMatter ransomware scheme through a critical vulnerability. The firm is helping ransomware vi…

Read More