Late last year, we learned that Russian state actors compromised SolarWinds Orion, a widely used network monitoring tool, and were able to access the systems of many SolarWinds customers – including many federal agencies.
That group, called Nobelium, didn’t give up when their hack was discovered. Instead, they stepped up their activity. According to a report Microsoft released late last month, Nobelium has been targeting IT resellers and service providers since at least May.
“We have notified more than 140 resellers and technology service providers that have been targeted by Nobelium,” said Tom Burt, Microsoft’s corporate vice president for customer security and trust, in a blog post.
According to Burt, as many as 14 of those resellers had been compromised.
In addition, he said, since the start of July, Microsoft has informed 609 customers about nearly 23,000 other Nobelium attacks, “with a success rate in the low single digits.”