On October 24, Microsoft has warned of the latest wave of attacks by Russian nation-state actor Nobelium.
- – According to Microsoft, Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain.
- – This time, Nobelium is attempting to target resellers and other technology service providers that customize, deploy and manage cloud services and other technologies on behalf of their customers.
- -Microsoft believes that Nobelium hopes to piggyback on any direct access that resellers may have to their customers’ IT systems and more easily impersonate an organization’s trusted technology partner to gain access to their downstream customers.
- – Between July 1 and October 19 this year, Microsoft has already informed 609 customers that they had been attacked 22,868 times by Nobelium, with a success rate in the low single digits
- – Nobelium is the same actor behind the cyberattacks targeting SolarWinds customers in 2020.