Companies are still recovering from the sophisticated large-scale 2020 SolarWinds attack, which impacted up to 320,000 organizations in over 190 countries, and a second attempt looks to be underway.
Microsoft has detected a second emerging threat that uses a similar Trojan-horse technique to obtain direct access to the cloud services utilized by the worldwide IT supply chain.
In a blog post, Tom Burt, Microsoft’s corporate vice president of Customer Security & Trust, named Russian nation-state actor Nobelium as the culprit behind both the initial SolarWinds attack and this current copycat attempt.
Since May of this year, Microsoft has been monitoring Nobelium and warning its vulnerable partners and customers, who include more than 140 resellers and service technology providers.
Unfortunately, Microsoft estimates that the new attack has substantially compromised at least 14 of the 140. On the plus side, Microsoft believes it has discovered Nobelium's campaign in its early stages, despite an upsurge in activity throughout the summer.
According to Microsoft, Nobelium is, as in the SolarWinds attack, trying to weaponize a long-term surveillance strategy against targets Russia may pursue in the future.