Microsoft alerted this Friday of a “wave” of cyber attacks originating in Russia against more than 150 governments, ‘think tanks’, consulting firms and non-governmental organizations from 24 countries, with special emphasis on USA.
In an entry on the company’s official blog, the corporate vice president for security and customer trust, Tom Burt explained that the organization identified after the attacks is Nobelium.
Nobelium It is the same entity that in December 2020 hacked several government agencies and large US companies through the SolarWinds program, an event for which Washington blames Moscow.
On this occasion, the hackers tried to access 3,000 email accounts using the technique known as “phishing”, an English term used to refer to sending emails to company workers posing as a trusted sender.
The hacker thus manages to lower the receiver’s guard, unable to distinguish the fake email from the real one – these are very elaborate impersonations, which copy corporate logos and aesthetics almost to perfection – the employee clicks on a link or downloads a email attachment and the computer system becomes infected with malware
“Although US organizations were the ones that received most of the attacks, the victims are spread across 24 different countries,” said Burt.
Of the more than 150 institutions that received cyberattacks, at least a quarter is dedicated to international development, humanitarian tasks and the defense of human rights.
According to Microsoft, Nobelium gained access to an account of the United States Agency for International Development (USAID), and from there he sent the “phishing” e-mails to the rest of the institutions, with a link that downloaded malicious code to the receiver’s equipment. After infecting the device, This malware can steal data and infect other computers on the same network.
The president of the USA, Joe biden, and his Russian counterpart, Vladimir Putin, will meet for the first time on June 16 in Geneva (Switzerland), a meeting in which the White House wants to put on the table the cyberattacks suffered in recent months.