The Russian group behind the SolarWinds espionage campaign is launching new cyberattacks

Russian hackers behind the SolarWinds espionage campaign have launched a new wave of global cyberattacks by hijacking an email system used by a U.S. government agency, Microsoft said Thursday.

The US technology company said the group has launched attacks this year on 3,000 email accounts at more than 150 government agencies, think tanks, consultancies and non-governmental organizations.

Microsoft began tracking the effort in January, but the attacks increased this week after hackers hijacked a mass email system called Constant Contact to pose as the U.S. Agency for International Development. If a user clicks on a link in a message, hackers can launch a “malicious email or phishing campaign” that could lead them to “go from stealing data to infecting other computers on the network.”

The scheme, which Microsoft said was an “active event,” was primarily targeted at the U.S., but reached at least 24 countries. At least a quarter of the targets focused on international development and human rights.

The company blamed the attacks on the Russian group behind the SolarWinds spying campaign, which was found last year when hackers hijacked software made by the Texas company to access the U.S. Commerce and Treasury departments and other local and federal agencies. The White House said last month the group was part of the Russian Foreign Intelligence Service.

US President Joe Biden is addressing recent calls to strengthen the country’s cyber defenses after the campaign, a Chinese state-sponsored espionage campaign that took advantage of weaknesses in Microsoft’s email software, and an attack on a US oil pipeline company by a criminal group this month.

The administration imposed penalties on Russia and signed an executive order this month requiring higher cyber security for federal agencies and their software providers.

Microsoft said it was blocking “many attacks” on its customers because automated systems marked emails as spam and prevented their systems from accessing harmful software.

It is not clear whether some of these organizations were breached despite these security measures. Microsoft declined to comment.

Tom Burt, Microsoft’s corporate vice president for customer security and trust, said the latest attacks “seem to be a continuation of multiple efforts [by the hackers] targeting government agencies involved in foreign policy as part of their intelligence-gathering efforts”.

“With the attack on SolarWinds, it’s clear that part of [the hackers’] playbook is about having access to trusted technology providers and infecting customers,” he added.

Constant Contact said it was “aware that our client’s account credentials were being compromised and used by a malicious actor to access the customer’s Constant Contact accounts.”

“This is an isolated incident, and we have temporarily disabled the affected accounts while we work in partnership with our client who is working with law enforcement,” it added.

© Financial Times
