Who’s behind this attack? The criminals behind SolarWinds

May 28, 2021

EXECUTIVE SUMMARY:

In December of 2020, the SolarWinds/Sunburst attack affected more than 18,000 organizations worldwide. It gained notoriety as one of the most heinous cyber attacks on record. In recent months, the attack was formally attributed to a cyber crime syndicate known as Nobelium. These hackers are believed to be behind a new wave of cyber attacks, which received international publicity for the first time this week.

How it started

The latest wave of cyber attacks started with a breach of USAID, the US government agency responsible for international development and disaster assistance. Hackers managed to access the organization’s Constant Contact email platform, through which they distributed phishing emails laced with malware.

As many as 3,000 email accounts within over 150 organizations received the spoofed messages. The threats could not only affect business operations, but it could also impact large-scale international diplomacy initiatives, if successful.

Why these attacks matter

When viewed in relation to the SolarWinds attacks, it appears that the Nobelium hackers intend to gain access to trusted organizations in order to disrupt the operations of their customers. In this latest attack, which lacks a specific name, Nobelium piggybacked on software (Constant Contact) in order to carry out its objectives. As a result, Nobelium has undermined trust in the technology ecosystem.
Nobelium targeted human rights organizations. This is problematic at any point in time, but particularly as a global pandemic continues to sicken an average of 600,000 people per day, killing an estimated 12,200 per day.
Nation-states appear to be increasing their cyber criminal activities. Are cyber wars unfolding? A greater volume of nation-state attacks means more disruptions to national and international affairs, to business organizations and to individuals. In certain contexts, such attacks can create extraordinarily uncomfortable physical conditions and can endanger human life.

For more on this story, visit The Guardian.