SolarWinds Hackers Are After the Global IT Supply Chain Again

The hackers' main techniques this time include phishing emails and brute-forcing password logins.
Adam Rowe

The Russian hacker group Nobelium launched a massive cyberattack on the US last year through a software update from software developer SolarWinds.

Now, according to Microsoft executives, those same hackers are back, once again targeting the global IT supply chain. So far Microsoft has identified 140 technology service providers and resellers that have been affected, with 14 that Microsoft believes were compromised.

It's not exactly something that the global supply chain needs right now — thanks to pandemic-related slowdowns, businesses are already bracing for a rough holiday season.

How Nobelium's New Campaign Works

Tom Burt, Microsoft corporate vice president of customer security and trust, explained the news in a recent blog post. As Burt puts it, the hackers are attempting to replicate their previous attacks by aiming at targets essential to the supply chain. But, this go-around, those targets are slightly different:

“This time, it is attacking a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage cloud services and other technologies on behalf of their customers. We believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers’ IT systems and more easily impersonate an organization’s trusted technology partner to gain access to their downstream customers.”

The hackers' plan seems to be to silently compromise customers by accessing and impersonating companies' B2B partners.

The hackers' main techniques this time include phishing emails as well as a method of brute-forcing account logins called “password spray,” which involves inputting common passwords en masse.

Nobelium is Staying Busy

Microsoft first noticed the hacking campaign in May 2021, ultimately notifying 140 operations that were targeted. They believe 14 were compromised, despite the campaign being noticed in its early stages.

This whole deal isn't the only hacking that Microsoft has spotted Nobelium getting up to, either: Burt notes that the software company found 22,868 attacks on 609 customers between July 1st and October 19th of 2021 — a number way up from the 20,500 attacks from all nation-state actors across the past three years.

It's “another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government,” according to Burt.

Why Supply Chains Are in Bad Shape

Pandemic-related supply chain bottlenecks will be a major concern for retailers this holiday season and well into next year.

Six of every 10 retail executives have signaled their worries about getting their holiday orders in a timely manner, a new Deloitte report has found, while 75% of consumers worry about stores running out of stock as well.

And while the retail supply chain is distinct from the IT supply chain that Nobelium appears to be attempting to gain surveillance over, the two bump up against each other frequently. The famously cheap Raspberry Pi single-board computer just raised its prices for the first time ever, citing the chip supply crisis. Any consumers and companies distracted by these product-related supply chain struggles are easy targets for hackers.

The only short-term solution for retailers is to order their holiday stock as early as possible. But for key tech businesses that may face a password spray attack from Nobelium, there's one obvious answer: Warn all your employees not to use “Password123” and get them the high-quality password management tool that helps them do it. Here's a quick look at our top picks.

0 out of 0
Local Storage Option
Two-Factor Authentication
Failsafe Function
Password Generator Function
A password manager can create secure, complex passwords for you. You won't need to remember them yourself.
Help Instructions
Email Support
Live Chat Support
Phone Support
Business Plan?
Business Price
Cheapest available business plan
Click to Try

LastPass

1Password

Dashlane

NordPass

Sticky Password

$4/user/month

$19.95/10 users

$60/user

$29.99/user

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He's also a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and he has an art history book on 1970s sci-fi coming out from Abrams Books in 2022. In the meantime, he's hunting own the latest news on VPNs, POS systems, and the future of tech.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals