Microsoft: Hackers Who Hit SolarWinds Are Back and Targeting IT Supply Chain

From PC Mag: The suspected Russian hackers behind last year’s SolarWinds breach have re-emerged to target dozens of companies across the global IT supply chain, according to Microsoft

The hacking group, dubbed Nobelium or Cozy Bear, is trying to attack resellers and technology providers that help customers manage and deploy their cloud services, Microsoft said in a Monday report. The goal: To hijack access and then target their “downstream customers,” including government offices and think tanks.

The strategy echoes last year’s attack on SolarWinds, a Texas-based IT company that serves numerous customers, including US government agencies. By breaking into the company, the suspected Russian hackers were able to spread malicious software via SolarWinds software to at least nine federal agencies and over 100 private firms, including Microsoft itself.

The latest hacking campaign, which Microsoft began tracking in May, has already succeeded in compromising some customers.

View: Full Article