The Russian-based agency behind last year’s massive SolarWinds cyberattack has targeted hundreds more companies and organizations in its latest wave of attacks on U.S.-based computer systems, Microsoft said in a blog post.
Microsoft, in a blog post dated Oct. 24, said Nobelium’s latest wave targeted “resellers and other technology service providers” of cloud services. Those attacks were part of a broader campaign over the summer, Microsoft said, adding it had notified 609 customers between July 1 and Oct. 19 that they had been attacked.
Just a small percent of the latest attempts were successful, Microsoft told the New York Times, which first reported the breach, but it gave no further details.
U.S. cybersecurity officials could not be immediately reached to confirm the report.
U.S. officials confirmed to the Times that the operation was underway, with one unnamed senior administration official calling it “unsophisticated, run-of-the mill operations that could have been prevented if the cloud service providers had implemented baseline cybersecurity practices.”
“This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government,” Microsoft wrote.