Russian SolarWinds hackers are back with new wave of cyberattacks, Microsoft warns

The same Russian hackers behind the massive SolarWinds breach have launched a new wave of cyberattacks targeting government agencies, think tanks, consultants and NGOs, Microsoft disclosed late Thursday night.

Why it matters: The revelation of the ongoing attack comes less than two months after the U.S. imposed sanctions and expelled Russian diplomats in response to the SolarWinds hack, described by Microsoft as the "most sophisticated attack the world has ever seen."


  • The new breach was discovered just weeks before President Biden is set to hold his first in-person summit with Russian President Vladimir Putin in Geneva, and comes on the heels of other Russian-backed cyber espionage campaigns.

Microsoft said the hacking group Nobelium, which is linked to Russia’s main intelligence agency, was behind the attack.

  • The Kremlin-linked hacking group took control of a U.S. Agency for International Development account and sent legitimate-looking emails containing malicious files to international human rights groups and humanitarian organizations, according to Microsoft.
  • Microsoft, which monitors for malicious activity on the internet, said this attack "differs significantly" from the SolarWinds breach, with the hackers appearing to use newer tools and tradecraft.

How it works: Nobelium gained access to USAID's Constant Contact email marketing account, allowing the group to send malicious emails that appeared to come from genuine government addresses to 3,000 email accounts across more than 150 organizations.

  • The emails contained a "backdoor" through which the hackers could steal data and infect other computers on a network. Some of the emails were flagged by automated email threat detection systems, but some may have been successfully delivered.
  • Many of the organizations targeted have been critical of Putin and have revealed and condemned Russian action against dissidents, including the poisoning and jailing of opposition leader Alexei Navalny, according to the New York Times.
An example of a phishing email meant to resemble a legitimate email from USAID. Screenshot: Microsoft

What they're saying: A spokesperson for the Cybersecurity and Infrastructure Security Agency told the Times Thursday that the agency was "aware of the potential compromise" and that it was working with USAID and the FBI "to better understand the extent of the compromise and assist potential victims."

  • "First, when coupled with the attack on SolarWinds, it’s clear that part of Nobelium’s playbook is to gain access to trusted technology providers and infect their customers," Tom Burt, a Microsoft vice president, wrote in a blog post Thursday.
  • "By piggybacking on software updates and now mass email providers, Nobelium increases the chances of collateral damage in espionage operations and undermines trust in the technology ecosystem," Burt added.
  • "At least a quarter of the targeted organizations were involved in international development, humanitarian, and human rights work."

The big picture: The attack suggests Russia is not slowing its hacking campaigns against the U.S. government and U.S.-based companies, despite new sanctions.
