microsoft is warning it has uncovered a new spearphishing campaign by the same hacking group believed to be behind the devastating solarwinds supply chain attacks. They are believed to be targeting a large number of organisations across many countries.
Spearphishing involves highly targeted phishing attacks against high-value targets. In this case, it appears the spearphishing is targeted towards government agencies involved with foreign policy, and international development organisations. Around 3000 email accounts used by over 150 organisations in 24 countries are affected.
According to Microsoft, the attacks were focused on intelligence gathering, as opposed to being financially motivated. This is a further indication that nation-state actors are likely to be behind this and the earlier SolarWinds exploit.
This is a reminder of the importance of having training measures in place so the people in your organisation are equipped with the skills they need