Rick Richardson's Views On Technology
  • Home
  • Blog

Microsoft Reveals New Phishing Campaign by SolarWinds Hackers

6/13/2021

0 Comments

 
Picture
The group behind the massive SolarWinds hacks has also been running a sophisticated email-based spear-phishing campaign, according to Microsoft. In a blog post by company VP Tom Burt, he said the Microsoft Threat Intelligence Center (MSTIC) has detected a wave of cyberattacks by the group called Nobelium against government agencies, think tanks and non-governmental organizations. Nobelium apparently sent out 3,000 emails to 150 organizations after getting access to Constant Contact, the mass mailing service used by the United States Agency for International Development or USAID.

While most of the targets are in the United States, they're spread out in 24 countries overall. At least a quarter of the intended victims are involved in humanitarian and human rights work and, hence, may be the most vocal critics of Russian president Vladimir Putin. The SolarWinds attack is believed to be a Russian-backed campaign, and the United States government retaliated by expelling 10 Russian diplomats from Washington, DC. The Treasury Department also imposed sanctions on six Russian technology companies that were allegedly involved in creating malicious tools for cyberattacks.

According to Microsoft, it first detected the campaign on January 25th, though Nobelium wasn't leveraging USAID's Constant Contact account to phish targets back then. The campaign has evolved several ways since, and it was only on May 25th that MSTIC determined an escalation on the group's part when it sent out 3,000 emails with legitimate-looking USAID addresses through the mailing service. 

Thankfully, automated threat detection systems blocked most of the emails because of the high volume of emails that were sent out. Further, the contents were anything but subtle. The New York Times says one email blasted out highlighted a message claiming that "Donald Trump has published new emails on election fraud." It then linked to a URL that downloads malware into the victim's computer when clicked. Microsoft says some of the earliest emails that went out may have been successfully delivered, though, and the company is advising potential targets to make sure they're sufficiently protected. 

Burt wrote in his post:
​
"These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts... when coupled with the attack on SolarWinds, it’s clear that part of Nobelium’s playbook is to gain access to trusted technology providers and infect their customers. By piggybacking on software updates and now mass email providers, Nobelium increases the chances of collateral damage in espionage operations and undermines trust in the technology ecosystem."
0 Comments



Leave a Reply.

    Author

    Rick Richardson, CPA, CITP, CGMA

    Rick is the editor of the weekly newsletter, Technology This Week. You can subscribe to it by visiting the website.

    Rick is also the Managing Partner of Richardson Media & Technologies, LLC. Prior to forming his current company, he had a 28-year career in technology with Ernst & Young, the last twelve years of which he served as National Director of Technology.

    Mr. Richardson has been named to the "Technology 100"- the annual honors list of the 100 key achievers in technology in America. He has also been honored by the American Institute of CPAs with two Lifetime Achievement awards and a Special Career Recognition Award for his contributions to the profession in the field of technology.

    In 2012, Rick was inducted into the Accounting Hall of Fame by CPA Practice Advisor Magazine. He has also been named to the 100 most influential individuals in the accounting profession in America by Accounting Today magazine.

    In 2017, Rick was inducted as a Marquis Who’s Who Lifetime Achiever, a registry of professionals who have excelled in their fields for many years and achieved greatness in their industry.

    He is a sought after speaker around the world, providing his annual forecast of future technology trends to thousands of business executives, professionals, community leaders, educators and students.

    Picture
    Picture
    Picture
    Picture
    Picture

    Archives

    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015

    Categories

    All
    Artificial Intelligence
    Audit
    Back Up
    Back-Up
    Blockchain
    Climate
    Cloud
    Collaboration
    Communication
    Coronavirus
    COVID 19
    COVID-19
    Digital Assistant
    Display
    Drone
    Edge Computing
    Education
    Enterprise
    Hardware
    Home Automation
    Internet Of Things
    Law
    Medicine
    Metaverse
    Mobile
    Mobile Payments
    Open Source
    Personalization
    Power
    Privacy
    Quantum Computing
    Remote Work
    Retail
    Robotics
    Security
    Software
    Taxes
    Transportation
    Wearables
    Wi Fi
    Wi-Fi

    RSS Feed

    View my profile on LinkedIn
Powered by Create your own unique website with customizable templates.