Russian cyberattack targeting hundreds of US networks, reveals Microsoft

The Russian-based agency behind last year's massive SolarWinds cyber attack has targeted hundreds more companies and organisations as a part of its latest attacks on US-based computer systems, reveals Microsoft in a blog post.

In a blog post dated October 24, Microsoft said that Nobelium's latest wave targeted "resellers and other technology service providers" of cloud services. The attacks come as a part of a broader campaign over the summer, Microsoft said. It further added that it had notified 609 customers between July 1 and October 19 that they had been attacked.

The software giant's Threat Intelligence Center (MSTIC), described the cyberattack as "nation-state activity."

MSTIC said that it "shares the hallmarks" of the assault on SolarWinds, a Texas-based software company targeted as its 300,000-strong customer base gave the hackers access to a huge number of companies. 

The latest attack has been underway since at least May, MSTIC said. 

Also read | Woman finds her dad on Facebook after 58 years

In April, Washington imposed sanctions and expelled Russian diplomats in retaliation for Moscow's alleged involvement in the SolarWinds attack, election interference and other hostile activity.

The software company urged its customers to check on their security arrangements using multi-factor authentification.

This is not the first time that Nobelium has mounted a comeback since SolarWinds, with Microsoft announcing in May that it had again detected a series of attacks by the group on government agencies.

In May, the effort targeted about 3,000 email accounts at more than 150 different organisations, at least a quarter of them involved in international development, humanitarian and human rights work.

This time, Burt said the speed of the attacks was escalating. While the success rate was only "in the low single digits", this compares to "attacks from all nation-state actors 20,500 times over the past three years".