Microsoft published a message on its official blog on the 27th, saying, “This week we discovered that illegal user Nobelium was carrying out cyberattacks against government agencies, analysis centers, consulting companies, and non-governmental organizations.”
Targeted at 150 government agencies in about 24 countries and regions around the world, and 3000 email accounts were attacked. Most of these attacks were directed at the United States, and at least a quarter of the targets were involved in international development, humanitarian, and human rights work.
Join us on Telegram
Nobelium, a Russian hacker organization, has also launched a large-scale SolarWinds attack before, causing great losses to Microsoft. Microsoft said that the attack may be an attempt to collect diplomatic work of government agencies for the purpose of gathering intelligence.
Microsoft said: “Many attacks have been automatically blocked by the Windows Defender program, and Windows Defender can block malicious software.” According to the Associated Press, network security company Volexity also tracked the activity, but the detection rate was not as good as Microsoft.
Microsoft stated in another blog post that email attacks have been ongoing since January and continue to expand.
The SolarWinds hacker attack started in March-June 2020. Microsoft admits that hackers have entered their systems and can view the source code of some of these products, but Microsoft said that hackers cannot use these leaked codes to attack and infect other users.