Russian spies compromised 14 tech providers, aiming to 'piggyback' on customer access, Microsoft says

Written by
Oct 25, 2021 | CYBERSCOOP

Suspected Russian spies who exploited a federal contractor to breach nine U.S. government agencies last year have continued targeting technology supply chains, aiming to compromise 140 technology service providers in recent months, according to Microsoft.

The Russian nation-state hacking group Nobelium — also known as Cozy Bear — has since May 2021 sought to infiltrate technology resellers, cloud software companies and managed services providers in an attempt to “piggyback” on those firms’ access to other customers, Tom Burt, corporate vice president of customer security and trust, said in an Oct. 24 advisory. The group’s goal, Burt suggested, is to more effectively impersonate an organization in order to breach its clients and partners, a similar tactic that the spies used when they breached U.S. agencies in 2020 by masquerading as SolarWinds.

“We continue to investigate, but to date we believe as many as 14 of these resellers and service providers have been compromised,” Burt said. “Fortunately, we have discovered this campaign during its early stages, and we are sharing these developments to help cloud service resellers, technology providers and their customers take timely steps to help ensure Nobelium is not more

Read More: