Alleged Russian Hacks of Microsoft Service Providers Highlight Cybersecurity Deficiencies
Cybersecurity experts say Microsoft’s recent disclosure that alleged Russian hackers successfully attacked several IT service providers this year is a sign that many U.S. IT companies have underinvested in security measures needed to protect themselves and their customers from intrusions.To get more latest news about microsoft, you can visit shine news official website.
But a U.S.-based association of IT professionals says the industry’s efforts to combat foreign hacking attacks are hampered by their customers not practicing good cyber habits and by the federal government not doing enough to punish and deter the hackers.
In an October 24 blog post, Microsoft said a Russian nation-state hacking group that it calls Nobelium spent three months attacking companies that resell, customize and manage Microsoft cloud services and other digital technologies for public and private customers. Microsoft said it informed 609 of those companies, known as managed service providers, or MSPs, that they had been attacked 22,868 times by Nobelium from July 1 to October 19 this year.
As of its October 24 blog post, Microsoft said it determined that “as many as 14” of the resellers and service providers had been compromised in the Nobelium attacks, which it said involved the use of “well-known techniques, like password spray and phishing, to steal legitimate credentials and gain privileged access.”
Nobelium is the same group that Microsoft said was responsible for last year’s cyberattack on U.S. software company SolarWinds. That attack involved inserting malicious code into SolarWinds’ IT performance monitoring system, Orion, and gave the hackers access to the networks of thousands of U.S. public and private organizations that use Orion to manage their IT resources.The White House said in April that it believed the perpetrators of the SolarWinds hack were part of the Russian foreign intelligence service, or SVR.
In an October 29 statement published by Russian network RBC TV, Russia’s foreign ministry dismissed as “groundless” Microsoft’s accusation that SVR was behind the recent cyberattacks on IT companies. It also said Microsoft should have shared data on the attacks with the Russian government's National Coordination Center for Computer Incidents to aid a “professional and effective dialogue to ... identify those involved.”
VOA asked Microsoft whether the company had communicated with Moscow regarding the latest hacking incidents, but Microsoft declined to comment.It also has not disclosed the names or locations of any of the targeted or compromised IT companies.
Charles Weaver, chief executive of the U.S.-based International Association of Cloud and Managed Service Providers, also known as MSPAlliance, told VOA that he had not heard of any of his organization’s members being affected by the latest Nobelium attacks.
MSPAlliance describes itself as the world’s largest industry group for people who manage hardware, software and cloud computing services for customers. It says it has more than 30,000 members worldwide, about two-thirds of them based in North America.
