Russian hackers launch major cyberattacks through U.S. aid agency's email system, Microsoft says

Russian-hackers-launch-major-cyberattacks-through-U.S.-aid-agency's-email-system,-Microsoft-says

June 01, 2021: -The Russian hackers thought to be behind the catastrophic SolarWinds attack have launched another major cyberattack in the previous year; Microsoft warned three weeks before President Joe Biden met with Russian President Vladimir Putin.

On Thursday, Microsoft said that the hacking group, known as Nobelium, had targeted over 150 organizations worldwide in the last week, including government agencies, think tanks, consultants, and nongovernmental organizations.

They sent phishing emails spoof messages designed to trick people into handing over sensitive information or downloading harmful software to over 3,000 email accounts, said the tech giant.

Around 25% of the targeted organizations are in international development, humanitarian, and human rights work, Tom Burt says, Microsoft’s corporate vice president of customer security and trust.

“These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies are also involved in foreign policy as intelligence-gathering efforts,” Burt said.

Microsoft said organizations in 24 countries were targeted, with the U.S. receiving the largest share of attacks.

The breach was discovered three weeks before the Biden-Putin summit in Geneva.

It also came after the U.S. government explicitly said that the SolarWinds hack was carried out by Russia’s SVR, a successor to the foreign spying operations of the Soviet KGB.

According to Microsoft, Nobelium gained access to an email marketing account used by the U.S Agency for International Development, the federal government’s aid agency. The report is held on a platform called Constant Contact.

Burt further said that Nobelium used the account to “distribute phishing emails that looked authentic but included a link that, when clicked, inserted a malicious file.”

The file has a backdoor that Microsoft calls NativeZone, which can “enable a wide range of activities from stealing data to infecting other computers on a network,” according to Burt, said Microsoft notifies customers who have been targeted.

Steve Forbes, a government cybersecurity expert, outlined the dangers of these types of hacks.

“Phishing attacks are essentially a numbers game, and the attackers are playing the odds,” he said in a statement. “If they target 3,000 accounts, it only takes one employee to click on the link to establish a backdoor for the hackers in a government organization.”

The SolarWinds attack is worsened than first expected. It gave the hackers access to thousands of companies and government offices that used SolarWinds IT software.

President of Microsoft Brad Smith described that attack as “the largest and most sophisticated attack the world has ever seen.”

Editor's Choice

Posts You Might Like

Leave us a message

Subscribe

Fill the form our team will contact you

Advertise with us

Fill the form our team will contact you​