Hackers strike again at SolarWinds after an earlier cyberattack several months back. This activity was verified by Microsoft, noting that over 36 countries were targeted.
Hacked again
Microsoft confirmed on Friday a new cyberattack on SolarWinds, bolstered by the new campaign launched by the hackers that target the U.S. interests, reported Epoch Times.
Going by various names including Nobelium, the alleged Russian-based hacking group employed "password spray and brute-force attacks." It was able to shred firewalls with ease and bypassed protocols.
The attacks reportedly affected 45 percent of entities within the United States, 10 percent in the UK, and smaller percentages in Germany and Canada. It is only the most recent activity against western networks in the past couple of months.
Microsoft provided the details of the cyberattacks, saying that the hackers targetted particular customers and compromised IT companies, government agencies, and even non-governmental organizations, think tanks, and financial services.
"This recent activity was mostly unsuccessful, and the majority of targets were not successfully compromised - we are aware of three compromised entities to date. All customers that were compromised or targeted are being contacted through our nation-state notification process," as elaborated in a statement released by Microsoft Security Response Center.
Though only three entities of the U.S. were affected, it still posed alarming damage that needs an immediate resolution. If this activity were not promptly addressed and thwarted, the attacks would just become worse.
For security purposes, Microsoft did not identify who was breached and targeted. All the clients who bore the brunt of the online breach were contacted. As the IT company addressed those who were seriously affected by the cyber-assault.
On one of Microsoft's customer support agent's computers used for accessing account information for a "small number" of customers, an information-stealing malware was detected. Microsoft named the threat actor as Nobelium, which "used [stolen] information in some cases to launch highly-targeted attacks as part of [Russian-based hacking group's] broader campaign."
'Nobelium' is back
MSRC identified the alleged group as Nobelium, a Russian-based hacking group that committed high-profile assaults online in wide computer raids. After learning about the infamous incident, Microsoft immediately cut all access and secured all portal devices.
This attack did inadvertently affect Microsoft employee accounts, pilfering software instructions on how the IT giant confirms users online. A spokesman for Microsoft confirmed that the cyberattack was not part of an earlier assault, per Reuters.
Meanwhile, Moscow repudiated the allegation that Nobelium is linked to Russian intelligence as furious U.S. Officials blamed Russia. It can be recalled that recently, at the Geneva Summit, President Joe Biden gave Kremlin leader Vladimir Putin a list of untouchable entities online.
The measures are underway to secure the network holes caused by the incidents where hackers struck again at SolarWinds, said a spokesperson for the Department of Homeland Security, overseer of the U.S. Cybersecurity and Infrastructure Security Agency.
Related article: Russian Intelligence Chief Slams Accusations from the US and UK Saying It Hacked Solar Winds