Security News > 2021 > October > Microsoft: Russian state hackers behind 53% of attacks on US govt agencies
Microsoft says that Russian-sponsored hacking groups are increasingly targeting US government agencies, with roughly 58% of all nation-state attacks observed by Microsoft between July 2020 and June 2021 coming from Russia.
"Russian nation-state actors are increasingly targeting government agencies for intelligence gathering, which jumped from 3% of their targets a year ago to 53% - largely agencies involved in foreign policy, national security or defense," said Tom Burt, Microsoft's Corporate Vice President for Customer Security & Trust.
The most active Russian-backed threat actor is an activity group tracked by Microsoft as Nobelium.
In all, Nobelium has coordinated the attacks behind 92% of notifications Microsoft sent to its customers about Russia-based threat activity from July 2020 to June 2021.
As Microsoft further explained, this is only a partial overview of nation-state actors' breach attempts - Microsoft customers received 20,500 notifications about such attacks.
In April 2021, the US government formally accused this SVR division of coordinating the SolarWinds "Broad-scope cyber espionage campaign" that led to the compromise of multiple US federal agencies.
News URL
Related news
- Microsoft says Russian hackers breached its systems, accessed source code (source)
- Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets (source)
- Microsoft: Russian hackers accessed internal systems, code repositories (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (source)
- Microsoft breach allowed Russian spies to steal emails from US government (source)
- Iranian charged over attacks against US defense contractors, government agencies (source)
- CISA warns of Microsoft Streaming bug exploited in malware attacks (source)
- Hackers target FCC, crypto firms in advanced Okta phishing attacks (source)
- Hackers steal Windows NTLM authentication hashes in phishing attacks (source)