The Russian hacking group responsible for the SolarWinds breach is now targeting IT supply chains

The cyber crime group that launched last year’s SolarWinds attack is back in action, Microsoft has warned.

Nobelium, which broke into the Texas-based technology firm, was able to spy on the cybersecurity firm FireEye as well as US Government departments, including the Department of Homeland Security and the Treasury Department.

It was considered one of the most dangerous cyberattacks of recent memory, given the sensitivity of the information exposed and the length of time it took the intrusion to be detected.

The incident even resulted in US sanctions against the Russian government, which was believed to have sponsored the attacks.

But that doesn’t seem to have slowed the gang down, Microsoft said in a recent blog. It reports that hundreds of organizations in the global IT supply chain have been targeted by Nobelium, and as many as 14 have been compromised.

Are you being targeted?

According to Microsoft, the gang has targeted “resellers and other technology service providers” of Cloud services.

It said the gang launched 22,868 attacks against 609 companies this summer, but confirmed that only a small number of organizations had been breached.

Nonetheless, this represents a huge increase in the number of state-sponsored attacks, with Microsoft noting that in the three years prior to this spike, it had detected just 20,500 such incidents.

It’s a concerning trend, and indicates that organizations must be careful about their Cloud security practices.

As Microsoft writes: “This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government.”

Fortunately, the nature of the attacks means that – for now at least – there is a simple solution.

US officials confirmed that the criminal hackers were conducting “unsophisticated, run-of-the-mill operations that could have been prevented if the cloud service providers had implemented baseline cybersecurity practices.”

Secure the Cloud

You can find out how to secure your Cloud systems by reading Securing Cloud Services: A pragmatic guide.

This book, written by security architect Lee Newcombe, helps organizations implement Cloud services aimed at the enterprise.

You’ll discover key security architectures, and the book covers security considerations for the different Cloud service models: infrastructure-, platform-, software- and function-as-a-service.