Security News > 2021 > October > SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks
The SolarWinds attackers - an advanced persistent threat known as Nobelium - have started a new wave of supply-chain intrusions, this time using the technology reseller/service provider community to attack their targets.
"While the SolarWinds supply-chain attack involved malicious code inserted in legitimate software, most of this recent intrusion activity has involved leveraging stolen identities and the networks of technology solutions, services and reseller companies in North America and Europe to ultimately access the environments of organizations that are targeted by the Russian government."
Since May, Microsoft has observed Nobelium attacking more than 140 resellers and technology service providers, it said, with about 14 of them succumbing to compromise.
"Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers' IT systems," according to Microsoft.
"This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling - now or in the future - targets of interest to the Russian government."
Famously, the SolarWinds attack caused widespread damage and allowed Nobelium to gain access to several U.S. government agencies, by hijacking a legitimate software update from the platform to push malware to SolarWinds users.
News URL
https://threatpost.com/solarwinds-tech-resellers-supply-chain-cyberattacks/175716/