© 2025 Connecticut Public

FCC Public Inspection Files:
WEDH · WEDN · WEDW · WEDY
WEDW-FM · WNPR · WPKT · WRLI-FM
Public Files Contact · ATSC 3.0 FAQ
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

The Russian hacker group behind the SolarWinds attack is at it again, Microsoft says

The SolarWinds Corp. logo is seen at the headquarters in Austin, Texas in April.
Suzanne Cordeiro
/
AFP via Getty Images
The SolarWinds Corp. logo is seen at the headquarters in Austin, Texas in April.

Updated October 25, 2021 at 2:15 PM ET

Last year a hacker group used a bit of malicious code it hid in a software update by the company SolarWinds to launch an immense cyberattack against U.S. government agencies and corporations.

The group behind the attack, Nobelium, is reportedly being directed by the Russian intelligence service. And they're at it again.

According to Microsoft, one of the victims of the SolarWinds hack, the group is targeting technology companies that resell and provide cloud services for customers.

"Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain," Tom Burt, Microsoft's Corporate Vice President of Customer Security & Trust, said in a blog post on the company's website.

"We believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers' IT systems and more easily impersonate an organization's trusted technology partner to gain access to their downstream customers," he added.

The hacker group hasn't tried to ferret out vulnerabilities in software, Burt said, but rather has been using techniques like phishing and password spray to gain entry to the targeted networks.

A senior Biden administration official declined to comment on who it believed was responsible for the latest attacks. But in responding to the latest news from Microsoft, they pointed out that the hacking attempts were both unsophisticated and largely unsuccessful, unlike the SolarWinds campaign, which involved a complex intrusion using a software update which impacted an indiscriminate number of victims.

In this case, this latest spying campaign by the Russian SVR appears to be classic espionage, and out of the 141 companies Microsoft notified, only about 14 concluded there might have been a successful compromise, with limited impact.

The targets — cloud service providers — are particularly popular recently as bad actors focus on the all-important supply chain to try and gain access to the more attractive targets: their clients, including government agencies.

"Broadly speaking, the federal government is aggressively using our authorities to protect the Nation from cyber threats, including helping the private sector defend itself through increased intelligence sharing, innovative partnerships to deploy cybersecurity technologies, bilateral and multilateral diplomacy, and measures we do not speak about publicly for national security reasons," said the senior administration official.

Jenna McLaughlin contributed to this report.

Copyright 2021 NPR. To see more, visit https://www.npr.org.

Joe Hernandez
[Copyright 2024 NPR]

The independent journalism and non-commercial programming you rely on every day is in danger.

If you’re reading this, you believe in trusted journalism and in learning without paywalls. You value access to educational content kids love and enriching cultural programming.

Now all of that is at risk.

Federal funding for public media is under threat and if it goes, the impact to our communities will be devastating.

Together, we can defend it. It’s time to protect what matters.

Your voice has protected public media before. Now, it’s needed again. Learn how you can protect the news and programming you depend on.

SOMOS CONNECTICUT is an initiative from Connecticut Public, the state’s local NPR and PBS station, to elevate Latino stories and expand programming that uplifts and informs our Latino communities. Visit CTPublic.org/latino for more stories and resources. For updates, sign up for the SOMOS CONNECTICUT newsletter at ctpublic.org/newsletters.

SOMOS CONNECTICUT es una iniciativa de Connecticut Public, la emisora local de NPR y PBS del estado, que busca elevar nuestras historias latinas y expandir programación que alza y informa nuestras comunidades latinas locales. Visita CTPublic.org/latino para más reportajes y recursos. Para noticias, suscríbase a nuestro boletín informativo en ctpublic.org/newsletters.

The independent journalism and non-commercial programming you rely on every day is in danger.

If you’re reading this, you believe in trusted journalism and in learning without paywalls. You value access to educational content kids love and enriching cultural programming.

Now all of that is at risk.

Federal funding for public media is under threat and if it goes, the impact to our communities will be devastating.

Together, we can defend it. It’s time to protect what matters.

Your voice has protected public media before. Now, it’s needed again. Learn how you can protect the news and programming you depend on.

Related Content