Monday, October 25, 2021
Microsoft warns 140 companies
Russian hackers attack US companies
More than a hundred US companies have been targeted by hackers in the past few months. What they all have in common is that they belong to the tech industry – the attackers want to use them to gain access to their customers. Microsoft sees the origin of the attacks in Russia.
The hackers behind the momentous cyber attack on the IT service provider Solarwinds are now targeting dozens of companies in the tech industry, according to Microsoft. Microsoft’s security researchers said that around 140 technology service providers have been informed of attacks since May alone. The hackers were successful in up to one in ten of them.
Using IT maintenance software from Solarwinds, the attackers were believed to have entered the computer networks of US government agencies, including those of the Department of Finance and Energy, for espionage purposes. The attack was discovered late last year. The exact extent of the information captured has not been made public to this day. The US government and IT security researchers suspect hackers with connections to the Russian foreign intelligence service were behind the attack. Moscow always denied the allegations.
Microsoft calls the hacker group “Nobelium”. Recently, she has focused on companies that set up and maintain cloud services for other companies. They probably hoped to use the service providers ‘access to their customers’ computer systems, explained the Microsoft experts. Online criminals had already been successful with such an attack method in the summer. Using a vulnerability at the IT service provider Kaseya, they were able to encrypt customers’ computers and demand a ransom.
Since July 1st, Microsoft has informed 609 customers about almost 23,000 attacks by “Nobelium”, it said. The success rate of the attacks is in the low single-digit percentage range. “The recent activity is another indication that Russia is trying to achieve long-term, systematic access to technology supply chains – and a mechanism by which targets of interest to the Russian government can be monitored now or in the future,” wrote the Microsoft experts.