Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events Acronis #CyberFit Summit 2021 Avaya Newsroom Experiences That Matter Cisco Partner Summit Digital 2020 Intel Partner Connect 2021

‘SolarWinds Hackers’ Now Hitting Resellers: 5 Things To Know

From leveraging anonymous infrastructure and taking advantage of delegated administrative privileges to gaining access to virtual machines, here’s how the group behind the SolarWinds attack is going after resellers.

1   2   3   ... 6 Next

In The Line Of Fire

The Russian foreign intelligence service (SVR) has set its sight on resellers and other service providers in a months-long campaign to gain administrative-level access and spy on their customers, Microsoft said Sunday. The campaign comes months after the SVR compromised nine federal agencies as well as more than 100 private sector organizations through a flaw in the SolarWinds Orion network monitoring tool.

“We believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers’ IT systems and more easily impersonate an organization’s trusted technology partner to gain access to their downstream customers,” said Tom Burt, Microsoft’s corporate vice president of customer security and trust. The SVR is also known as APT 29, Cozy Bear and Nobelium.

Mandiant is working with organizations impacted by the SVR’s latest effort and has seen downstream victims in North America and Europe, with intrusion activity still ongoing, a company spokesperson said. From leveraging anonymous infrastructure and taking advantage of delegated administrative privileges to gaining access to virtual machines, here’s how Russian hackers are going after IT solution providers.

 
 
1   2   3   ... 6 Next

sponsored resources