The SolarWinds hack that took place at the end of 2020 is considered to be one of most devastating online attacks ever documented, and heightened public awareness about the significant rise in cybercrime. However, it appears the Russian organization behind this attack, Nobelium, is active yet again, this time aiming to capitalize on the ongoing supply chain dilemma.
According to an official blog post from Microsoft’s (News - Alert) VP of Customer Security and Trust, Tom Bert, Nobelium has targeted at least 140 technology resellers and service providers that are major players in global supply chain activity. Microsoft believes that Nobelium is attempting to exploit software and cloud resellers to directly target customer’s personal IT infrastructure.
“The attacks we’ve observed in the recent campaign against resellers and service providers have not attempted to exploit any flaw or vulnerability in software but rather used well-known techniques, like password spray and phishing, to steal legitimate credentials and gain privileged access.” commented Bert in his blog post. “We have learned enough about these new attacks, which began as early as May this year, that we can now provide actionable information which can be used to defend against this new approach.”
Nobelium’s success largely relies on common system processes that network engineers or IT managers rarely give thought to. For instance, the 2020 attack launched after Orion software update was compromised by Nobelium, which eventually allowed the group to introduce malware thanks to thousands of customers unknowingly deploying the software. However, Microsoft has reported that phishing and identity theft is a major strategy in this new campaign.
The sophistication and complexity of these attacks have some experts feeling pessimistic about combating these threats, but creating public awareness is shining more light on this increasing issue. Microsoft issued new technical guidance to help businesses and organizations recognize threat patterns and enhance security measures.
As it stands, the supply chain crisis is fueling anxiety about product availability for the upcoming holiday season. Business leaders can no longer afford to ignore warnings regarding security, so investing in counter measures should be a top priority.