Microsoft says SolarWinds hackers again targetting government agencies with phishing

WION Web Team
California, United States Published: May 28, 2021, 04:18 PM(IST)

FILE PHOTO: SolarWinds headquarters Photograph:( Reuters )

Story highlights

The effort targeted about 3,000 email accounts at more than 150 different organisations, at least a quarter of them involved in international development, humanitarian and human rights work, Microsoft Vice President Tom Burt said in a blog post

Microsoft Corp has said that a group behind the SolarWinds cyber attack identified late last year is now targeting government agencies, think tanks, consultants, and non-governmental organisations.

The effort targeted about 3,000 email accounts at more than 150 different organisations, at least a quarter of them involved in international development, humanitarian and human rights work, Microsoft Vice President Tom Burt said in a blog post on Thursday.

The comments come weeks after a May 7 ransomware attack on Colonial Pipeline shut the United States' largest fuel pipeline network for several days, disrupting the country's supply.

The cybersecurity firm Volexity, which also tracked the campaign but has less visibility into email systems than Microsoft, said in a post that relatively low detection rates of the phishing emails suggest the attacker was ''likely having some success in breaching targets.''

Burt said the campaign appeared to be a continuation of multiple efforts by the Russian hackers to ''target government agencies involved in foreign policy as part of intelligence gathering efforts.'' He said the targets spanned at least 24 countries.

This month, Russia's spy chief denied responsibility for the SolarWinds cyber attack but said he was "flattered" by the accusations from the United States and Britain that Russian foreign intelligence was behind such a sophisticated hack.

The United States and Britain have blamed Russia's Foreign Intelligence Service (SVR), successor to the foreign spying operations of the KGB, for the hack which compromised nine US federal agencies and hundreds of private sector companies.

The attacks disclosed by Microsoft on Thursday appeared to be a continuation of multiple efforts to target government agencies involved in foreign policy as part of intelligence gathering efforts, Microsoft said.

The company said it was in the process of notifying all of its targeted customers and had "no reason to believe" these attacks involved any exploitation or vulnerability in Microsoft's products or services.

(With inputs from agencies)

Read in App