The group behind the attack, Nobelium, is reportedly being directed by the Russian intelligence service. And they're at it again.
According to Microsoft, one victim of the SolarWinds hack, the group is targeting technology companies that resell and provide cloud services for customers.
"Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain," Tom Burt, Microsoft's Corporate Vice President of Customer Security & Trust, said in a blog post on the company's website.
"We believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers' IT systems and more easily impersonate an organization's trusted technology partner to gain access to their downstream customers," he added.
The hacker group hasn't tried to ferret out vulnerabilities in software, Burt said, but has been using techniques like phishing and password spray to gain entry to the targeted networks.