Russian hackers behind SolarWinds fiasco are at it again, says Microsoft

Microsoft Logo at Ignite
Microsoft Logo at Ignite (Image credit: Windows Central)

What you need to know

  • Microsoft has released a new report stating that Nobelium, a "Russian nation-state actor," is targeting companies in the global IT supply chain ecosystem.
  • This hacking group is cited as being the same one responsible for the SolarWinds situation that took place across 2020 and early 2021, which was a big enough cyberattack that the U.S. government had to directly combat it.
  • The latest Nobelium strike targets resellers and those providing cloud technology services.

Microsoft President Brad Smith called late 2020's SolarWinds hack "the largest and most sophisticated attack the world has ever seen," when discussing the severity of the situation on 60 Minutes. Now, the group behind that infamous attack, Russian state actor Nobelium, is back at it again, according to a new Microsoft report.

Microsoft's been keeping an eye on the situation since May 2021, and has notified over 140 companies to watch their backs in the wake of Nobelium's latest efforts. Microsoft reports that up to 14 companies have been compromised by the new attacks. As to what that said attacks are, here's how the Redmond tech giant describes the Russian hackers' recent activities:

Nobelium has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain. This time, it is attacking a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage cloud services and other technologies on behalf of their customers. We believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers' IT systems and more easily impersonate an organization's trusted technology partner to gain access to their downstream customers.

Microsoft's report says the aforementioned findings are being shared so that cloud service resellers are aware of the threat and can better avoid falling victim to Nobelium's activities. If you need a refresher on how much of 2021 has been dominated by Russian hackers, Microsoft has in-depth findings on that exact topic as well.

Robert Carnevale

Robert Carnevale is the News Editor for Windows Central. He's a big fan of Kinect (it lives on in his heart), Sonic the Hedgehog, and the legendary intersection of those two titans, Sonic Free Riders. He is the author of Cold War 2395. Have a useful tip? Send it to