Microsoft reveals Russia-backed hackers attempted 23,000 attacks on US since July

A year after the Russian hackers compromised almost a dozen US Federal Agencies, reports of renewed efforts by the same group to target the global supply chain have emerged. Despite multiple sanctions by the Biden administration and galvanised international pressure on Moscow to take action against cybercriminals, an undeterred Nobelium group continues to function and has even attempted more than 23,000 attacks in recent months. In a blog post on Monday, Microsoft shed light on the target attacks stating that the cybercriminals were attempting to replicate the approach it has used in past attacks by targeting organisations integral to the global IT supply chain. 

As per Microsoft experts, the group of Kremlin-linked hackers launched a larger wave of attacks over the summer months. Throughout the summer months, they targeted more than 14 resellers and technology companies across the globe. While most of the attacks were futile, they affected over 600 customers since the beginning of July. 

“These attacks have been a part of a larger wave of Nobelium activities this summer. In fact, between July 1 and October 19 this year, we informed 609 customers that they had been attacked 22,868 times by Nobelium, with a success rate in the low single digits. By comparison, prior to July 1, 2021, we had notified customers about attacks from all nation-state actors 20,500 times over the past three years,” according to the California based company. 

Russia was trying to increase surveillance

Furthermore, Microsoft emphasised that recent attacks directly indicated that the Russian Federation was trying to make “systematic access” to the supply chain and establish a mechanism for “surveillance”. “We have learned enough about these new attacks, which began as early as May this year, that we can now provide actionable information which can be used to defend against this new approach,” the US tech firm emphasised adding that they were sharing information with other tech firms and Govt agencies to crucial future attacks. 

"While we are clear-eyed that nation-states, including Russia, will not stop attacks like these overnight, we believe steps like the cybersecurity executive order in the U.S., and the greater coordination and information sharing we’ve seen between industry and government in the past two years, have put us all in a much better position to defend against them," it said. 

(Image: AP/Pixabay)