Wednesday, January 26, 2022

Slide Slide
Home Cyber Security Cyber-attack: Russian hackers hit 150 firms

Cyber-attack: Russian hackers hit 150 firms

The latest cyber-attack by the group named ‘Nobelium’, touted as the same Russia-based hackers behind the infamous SolarWinds software hack, has targeted around 3,000 email accounts across 150 organisations

After China-based cyber-attack, earlier this year, hit its business email servers, Microsoft now has warned against an on-going “sophisticated” attack from Russia-based threat actors targeting government agencies, think tanks, consultants, NGOs and its customers across the globe.

The latest cyber-attack by the group named ‘Nobelium’, touted as the same Russia-based hackers behind the infamous SolarWinds software hack, has targeted around 3,000 email accounts across 150 organisations.

“While organisations in the United States received the largest share of attacks, targeted victims span at least 24 countries. At least a quarter of the targeted organisations were involved in international development, humanitarian, and human rights work”, said Tom Burt, Corporate Vice President, Customer Security and Trust at Microsoft.

“These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts”, Burt said in a statement on Friday.

“Many of the attacks targeting our customers were blocked automatically, and Windows Defender is blocking the malware involved in this cyber-attack. We’re also in the process of notifying all of our customers who have been targeted”, he informed.

By gaining access to the Constant Contact account of USAID, ‘Nobelium’ launched the cyber-attack.

Used for email marketing, Constant Contact is a service, from where the actor was able to distribute phishing emails that looked authentic but included a link that, when clicked, inserted a malicious file used to distribute a backdoor we call NativeZone.

“This backdoor could enable a wide range of activities from stealing data to infecting other computers on a network”, Microsoft said.

As a result of the SolarWinds hack, nine federal agencies and about 100 private sector companies were compromised.

Including government and commercial firms, at least 30,000 organisations across the US, after SolarWinds, earlier this year, were hit by China-based espionage group called ‘Hafnium’, who exploited four vulnerabilities in Microsoft Exchange Server email software.

“While Hafnium is based in China, it conducts its operations primarily from leased virtual private servers (VPS) in the US”, Burt had said in March.

Especially after at a key fuel pipeline last week, alarmed at repeated cyber-attack on the country, US President Joe Biden this month signed an executive order, implementing new policies to improve national cyber-security.

Also read:DigiYatra: A paperless journey experience for domestic air travellers

Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter

khushbu
Khushbu Sonihttps://www.cionews.co.in
Chief Editor - CIO News | Founder & CEO - Mercadeo

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -1x1 banner1x1 banner1x1 banner1x1 banner

Most Popular

Adoption of digital technologies needs an investment in acquiring and implementing the right technologies, says Archana Goel, Founder & IT Leader of Akshpro IT...

77 per cent of companies consider missing digital skills as the key hurdle to their digital transformation This is an exclusive interview conducted by Santosh...

5G radio solutions deployed by du to reduce network carbon footprint

This collaboration is part of du’s plan to simplify network rollout and efficiently manage the expected growth in data traffic over its 5G network...

AI supercomputer created by Meta

Once it is fully built around the middle of the year, the AI supercomputer will be the fastest in the world Meta, the parent company...

Cloudflare signals expansion in Asian region

To bring more bucks through the Cloudflare door, another role, titled "Regional Major Account Executive – Gaming and Online Casino" gets the job of...

Recent Comments