The tech giant’s vice president said a quarter of those targeted were involved in development, human rights and humanitarian work.
Russian hackers behind the SolarWinds cyberattack, a massive campaign that saw widespread hacking of several US federal agencies, have launched a new round of attacks targeting “government agencies, think tanks, consultants and non-governmental organizations, “according to Microsoft.
This week’s wave of attacks by the Nobelium Group targeted around 3,000 email accounts from more than 150 organizations in 24 countries, with the bulk of the attack targeting the United States, wrote Tom Burt, vice -President of the tech giant, in a blog post on Thursday.
The Russian group was notably able to access an email marketing account used by the State Department’s international aid agency USAID, from which it targeted other organizations.
The New York Times reported that the breach appears to be aimed at the type of groups that have exposed Russian attacks on dissidents or have spoken out about the alleged state poisoning of prominent Russian opposition figure Alexey Navalny.
“At least a quarter of the organizations targeted were involved in international development, humanitarian action and human rights,” Burt wrote.
“This is yet another example of how cyber attacks have become the tool of choice for a growing number of nation states to achieve a wide variety of political goals, with an emphasis on Nobelium attacks. against human rights and humanitarian organizations. ”
The US government explicitly linked the SolarWinds attack to the Russian intelligence service, the SVR, and imposed sanctions on 32 Russian entities and expelled diplomats in April. The agency was also allegedly involved in the 2016 Democratic National Convention hack.
After going unnoticed for months, the SolarWinds flaw was identified by private security firm FireEye in December, highlighting the increased sophistication of the operation, which is named after a US-based company developing software. management system for use in businesses and organizations.
Violations at the Treasury Department, the National Telecommunications and Information Administration, and the Department of Commerce, among others, have sent shock waves through the U.S. intelligence community.
Microsoft President Brad Smith previously described the SolarWinds hack as “the biggest and most sophisticated attack the world has ever seen.”
Russia’s spy chief denied responsibility for the breach, but said he was “flattered” by accusations from the US and UK that Russian foreign intelligence was behind a cyber-attack. – such sophisticated operation.
