Russian-backed hackers reportedly targeted President Biden’s supply chain crisis as an opportunity to further derail the U.S. economy, Microsoft revealed Sunday. The White House has downplayed the attack on 609 companies 22,868 times as “unsophisticated.” A total of fourteen companies believe they have been hacked.
Russian-backed hackers, dubbed Nobelium and which are reportedly responsible for the 2020 SolarWinds breach, have attacked Microsoft’s networks in “a new strategy to piggyback on the direct access that cloud service resellers have to their customers’ IT systems,” the Associated Press reported.
The attack’s purpose is to “more easily impersonate an organization’s trusted technology partner to gain access to their downstream customers” in the supply chain, Microsoft Vice President Tom Burt wrote.
“Fortunately, we have discovered this campaign during its early stages, and we are sharing these developments to help cloud service resellers, technology providers, and their customers take timely steps to help ensure Nobelium is not more successful,” Burt continued. “Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government.”
The Biden-Harris administration, which is free-falling in the polls due to mounting policy failures, has downplayed the hack as “unsophisticated” and “run-of-the mill operations.”
“The activities described were unsophisticated password spray and phishing, run-of-the mill operations for the purpose of surveillance that we already know are attempted every day by Russia and other foreign governments,” a U.S. government official told the AP.
Earlier in the year Biden had met with Russian President Vladimir Putin to plead with him to influence the hackers within his country to stop carrying out attacks on American organizations.
“I made it very clear to him that the United States expects when a ransomware operation is coming from his soil, even though it’s not sponsored by the state, we expect him to act, and we give him enough information to act on who that is,” Biden said in July.
But Putin seems to have disregarded Biden’s pleas.
The AP noted Microsoft has been tracking Nobelium’s latest cyber warfare efforts since May with the attacks increasing since July. Microsoft revealed it had told 609 customers they had been attacked 22,868 times by Nobelium. “That’s more attacks than Microsoft had flagged from all nation-state actors in the previous three years,” the AP noted.
Follow Wendell Husebø on Twitter @WendellHusebø