Russian SolarWinds hackers strike again with email attack on 150 organizations including US government agencies

RUSSIAN spies behind the SolarWinds hack reportedly launched a phishing email attack on 150 organizations including federal government agencies.

The actor Nobelium targeted around 3,000 email accounts across 24 countries.


Spies behind the SolarWinds hack launched a phishing email attack on 150 organizations including US agencies[/caption]

A quarter of the email accounts belonged to organizations working in human rights and international development, Microsoft corporate vice president Tom Burt wrote in a blog post.

The cyberhack was reportedly conducted by Nobelium – the same actor that carried out the attacks on SolarWinds customers last year.

The spies gained access to an email service used by USAID – United States Agency for International Development.

Most of the attacks were blocked and Windows is in the process of contacting customers that were affected.

The number of successful intrusions remains unknown.

Mr. Burt tweeted: “This week we observed new nation-state cyberattacks targeting government agencies, think tanks, consultants, and non-governmental organizations. These attacks aren’t slowing, and we must do more to stop them.”

Spies gained access to an email service used by the US Agency for International Development

Microsoft corporate vice president Tom Burt warned the attacks ‘aren’t slowing’[/caption]

The hack comes just weeks after Republicans warned that DC’s response to cyberattacks is “weak and naïve” following the Colonial Pipeline shutdown.

Russian crime group DarkSide hacked the pipeline, causing the shutdown of the main supplier of gasoline and diesel to the east coast.

Colonial Pipeline reportedly paid DarkSide nearly $5 million in a ransom to retrieve its stolen data.

GOP senator Lindsey Graham said Washington doesn’t understand how to “prevent” cybercrimes.

He said: “They don’t understand prevention. Deterrence is achieved by changing our laws so that we can put people in jail and maybe even use the death penalty for cyberterrorism against members of DarkSide.”


Republican Senators branded DC’s response to cyberattacks as ‘weak and naive’ following the Colonial Pipeline shutdown[/caption]

Last year, Kremlin spies reportedly hacked Microsoft and infiltrated a US nuclear weapons stockpile as part of a nine-month “virtual invasion” by Moscow.

The malware was isolated to business networks and didn’t affect US national security.

Hackers used various techniques, including the corruption of updates from network management app SolarWinds.

It’s reported that the SolarWinds hack may have impacted thousands of companies and government agencies.

But, the actual damage of the cyber attack may take years to assess, experts admitted.


Last year Kremlin spies reportedly hacked Microsoft and infiltrated a US nuclear weapons stockpile as part of a nine month ‘virtual invasion’[/caption]

The client list for SolarWinds is broad and has included “425 of the companies listed on the Fortune 500 as well as the top 10 telecom operators in the United States,” the Verge reported.

Senators on the Armed Services Committee said at the time that the attack had “the hallmarks of a Russian intelligence operation”.

Moscow denied having any connection to the United States’ hack via the Embassy in Washington.

Hackers believed to be acting on behalf of the Russian foreign intelligence service SVR breached and stole data from agencies within the Treasury Department and the US Department of Commerce, The New York Times and Washington Post reported.

The “sophisticated” hackers also had free access to their email systems, reports said.

It’s not known if the systems contained highly classified material and the motive behind the hack remains unclear.

SolarWinds said it believed the attack originated from an “outside nation state” that worked by inserting malware into its updates between March and June last year.

The Times reported that the attack appears to be the largest on federal systems in the past five years.


(Visited 32 times, 1 visits today)

Leave a Reply