NEW YORK CITY, New York: Microsoft announced on Monday that Nobelium, the Russian hackers behind the successful 2020 breach of U.S. federal agencies, compromised as many as 14 technology firms since May as part of another apparent espionage campaign, but did not name the victim companies or identify the ultimate targets.
Unlike the 2020 breach, the hackers have been striking a different part of the supply chain: companies that buy and distribute software and manage cloud computing services.
"This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling -- now or in the future -- targets of interest to the Russian government," said Tom Burt, Microsoft corporate vice president, as reported by CNN.
The ultimate goal is to "impersonate an organization's trusted technology partner to gain access to their downstream customers," Burt said.
The hackers are known to have used tampered with software made by federal contractor SolarWinds to breach at least nine U.S. agencies in activity that came to light in December 2020.
The Biden administration, in April, attributed the spying campaign to Russia's foreign intelligence service, the SVR, and criticized Moscow for exposing thousands of SolarWinds customers to malicious codes. Moscow has denied involvement.
Rob Joyce, head of the National Security Agency's Cybersecurity Directorate, on Monday morning shared the Microsoft announcement on Twitter and urged organizations to follow Microsoft's security recommendations.
Meanwhile, Defense Secretary Lloyd Austin previously told CNN the U.S. has "offensive options" to respond to cyberattacks, without being more specific.