Supply Chain Crisis Intensifies as Nobelium Activity Returns


The SolarWinds hack that took place at the end of 2020 is considered to be one of most devastating online attacks ever documented, and heightened public awareness about the significant rise in cybercrime. However, it appears the Russian organization behind this attack, Nobelium, is active yet again, this time aiming to capitalize on the ongoing supply chain dilemma.

According to an official blog post from Microsoft’s VP of Customer Security and Trust, Tom Bert, Nobelium has targeted at least 140 technology resellers and service providers that are major players in global supply chain activity. Microsoft believes that Nobelium is attempting to exploit software and cloud resellers to directly target customer’s personal IT infrastructure.

“The attacks we’ve observed in the recent campaign against resellers and service providers have not attempted to exploit any flaw or vulnerability in software but rather used well-known techniques, like password spray and phishing, to steal legitimate credentials and gain privileged access.” commented Bert in his blog post. “We have learned enough about these new attacks, which began as early as May this year, that we can now provide actionable information which can be used to defend against this new approach.”

Nobelium’s success largely relies on common system processes that network engineers or IT managers rarely give thought to. For instance, the 2020 attack launched after Orion software update was compromised by Nobelium, which eventually allowed the group to introduce malware thanks to thousands of customers unknowingly deploying the software. However, Microsoft has reported that phishing and identity theft is a major strategy in this new campaign.

The sophistication and complexity of these attacks have some experts feeling pessimistic about combating these threats, but creating public awareness is shining more light on this increasing issue. Microsoft issued new technical guidance to help businesses and organizations recognize threat patterns and enhance security measures.

As it stands, the supply chain crisis is fueling anxiety about product availability for the upcoming holiday season. Business leaders can no longer afford to ignore warnings regarding security, so investing in counter measures should be a top priority.

Edited by Maurice Nagle
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

Editor, TechZone360

Related Articles

Introducing the Newest Addition to ITEXPO #TECHSUPERSHOW: Enterprise Cybersecurity Expo

By: TMCnet News    6/11/2024

TMC today announced the launch of Enterprise Cybersecurity Expo, set to take place from February 11-13, 2025, in Fort Lauderdale, Florida, at the Brow…

Read More

The Shifting Landscape: Emergent Technological Paradigms in Online Sports Wagering

By: Contributing Writer    6/7/2024

In the ever-evolving sphere of online sports wagering, technological advancements have been instrumental in reshaping the landscape, altering how enth…

Read More

Unpacking The Differences: How CPaaS And Network APIs Drive Distinct Innovations

By: Special Guest    6/5/2024

While they share some technical synergies, CPaaS and Network APIs serve different markets and purposes, highlighting the need for complementary strate…

Read More

Protecting Your Digital Fortress Through Threat Exposure Management

By: Contributing Writer    5/23/2024

In today's digital landscape, cybersecurity threats loom large, posing significant risks to businesses, organizations, and individuals alike. With the…

Read More

Why Block Websites? Understanding the Reasons

By: Contributing Writer    5/6/2024

The internet is such an expansive network where every click can lead to information, entertainment, or opportunities for productivity. However, this a…

Read More