Microsoft alerted this Friday of a “wave” of cyber attacks originating in Russia against more than 150 governments, ‘think tanks’, consulting firms and non-governmental organizations from 24 countries, with a special emphasis on the United States.
In an entry on the company’s official blog, the corporate vice president for security and customer trust, Tom Burt explained that the organization identified after the attacks is Nobelium.
Nobelium It is the same entity that in December 2020 hacked several government agencies and large US companies through the SolarWinds program, an event for which Washington blames Moscow.
On this occasion, the hackers tried to access 3,000 email accounts using a technique known as “phishing”, an English term used to refer to sending emails to company workers posing as a trusted sender.
The hacker thus manages to lower the receiver’s guard, unable to distinguish the false email from a real one – these are very elaborate impersonations, which copy corporate logos and aesthetics almost perfectly – the employee clicks on a link or downloads a email attachment and the computer system becomes infected with malware
“Although US organizations received most of the attacks, the victims are spread across 24 different countries,” Burt said.
Of the more than 150 institutions that received cyberattacks, at least a quarter is dedicated to international development, humanitarian tasks and the defense of human rights.
According to Microsoft, Nobelium gained access to an account of the United States Agency for International Development (USAID), and from there he sent the “phishing” e-mails to the rest of the institutions, with a link that downloaded malicious code to the receiver’s equipment. After infecting the device, This malware can steal data and infect other computers on the same network.
The president of the United States, Joe Biden, and his Russian counterpart, Vladimir Putin, will meet for the first time on June 16 in Geneva (Switzerland), a meeting in which the White House wants to put on the table the cyberattacks suffered during the last months.