Microsoft Report: New Cyberattacks from Russian State-Sponsored Cybercriminals

Nobelium, a Russian organized crime group, has resurfaced. Resellers and other technological service providers that customize, deploy, and manage cloud services and other technologies for their customers are the focus of the latest cyber-attacks, according to Moonshot.

Microsoft's security blog claims the attack is a rehash of previous attempts against organizations that are critical to the global IT supply chain. In the year 2020, cyberattacks were launched against SolarWinds customers by Nobelium. According to the United States government and others, Nobelium is a component of Russia's SVR foreign intelligence arm.

Tom Burt, vice president and head of customer security states, “This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government,”

Other nation-states and cybercriminals continue to pose serious concerns

They believe Nobelium's goal is to take advantage of resellers' direct access to IT systems and pass itself off as a reputable technology partner in order to get access from its clients farther down the supply chain.

More than 140 resellers and technology service providers have been notified, according to Burt, since Nobelium began targeting them in May. Up to 14 resellers and service providers may have been affected, although the investigation is still ongoing. This summer's wave of Nobelium activities included new attacks uncovered during the project's early stages. In fact, between July 1 and October 19 of this year, we alerted 609 clients that Nobelium had attacked them 22,868 times, with a success rate of less than 10%. We had warned clients of attacks from all nation-state actors 20,500 times previous to July 1, 2021, which is a huge difference from now.

In a recent report, Microsoft Digital Defense outlined the ongoing threats posed by other nation-states and cybercriminals. To better understand and protect against Nobelium's activities, Microsoft has collaborated with others in the security sector, including government agencies in the United States and Europe, according to Burt.