Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireSecurity Enterprise ServicesLogical SecurityCybersecurity News

SolarWinds hackers, Nobelium, targeting global IT supply chain

By Maria Henriquez
supply-chain-attack-freepik.jpg
October 26, 2021

The same Russian nation-state actor behind the cyberattacks targeting SolarWinds customers in 2020, Nobelium, has targeted organizations integral to the global IT supply chain. 


According to Microsoft, since May 2021, Nobelium has been attempting to replicate the approach it used to attack SolarWinds, but this time using its tactics to target a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage cloud services and other technologies on behalf of their customers. 


Microsoft says Nobelium hopes to “piggyback” on any direct access resellers may have to their customers’ IT systems and more easily impersonate an organization’s trusted technology partners to gain access to their downstream customers. 


Since May, Microsoft has been notifying more than 140 resellers and service providers that Nobelium has targeted, and 14 of those resellers and service providers have been compromised. 


Jake Williams, Co-Founder and CTO at BreachQuest, an Augusta, Georgia-based leader in incident response, says, “Supply chain threats extend well beyond just software. IT service providers often have relatively poor security themselves while simultaneously having access to numerous customer networks (often hundreds).”


The attacks are part of a larger wave of Nobelium activities, Microsoft says. “Between July 1 and October 19 this year, we informed 609 customers that they had been attacked 22,868 times by Nobelium, with a success rate in the low single digits. By comparison, prior to July 1, 2021, we had notified customers about attacks from all nation-state actors 20,500 times over the past three years,” Microsoft says. 


These attempts indicate Russia is trying to gain long-term, systematic access to various points in the tech supply chain and establish a mechanism for surveillance, now or in the future, targets of interest to the Russian government, Microsoft says. 


Chris Morgan, Senior Cyber Threat Intelligence Analyst at Digital Shadows, a San Francisco-based provider of digital risk protection solutions, says, “The activity demonstrates the significant risk to organizations when an APT group targets privileged accounts. Trusted relationships between providers and user organizations are highly valuable and an essential part of modern security processes. Compromising privileged accounts that have a high level of access enables threat actors to move through the cyber kill chain with little chance of being detected.”


Morgan adds, “Given that many of the organizations impacted by this activity are reportedly cloud and managed service providers, it is possible that the scope of this incident could increase. NOBELIUM is known for its resourcefulness in moving laterally across supply chains. Additional impacted organizations may surface in the coming months.”


It’s unsurprising that the Russian SVR continues to remain active as the mission of gathering intelligence never goes out of style, says Oliver Tavakoli, CTO at Vectra, a San Jose, California-based AI cybersecurity company. “These new attacks, which focus on infiltrating service providers and leveraging the trust that is placed on them by their customers, present new challenges as the signals left behind by each attack span multiple organizations. The attacks do share some of the hallmarks of the SolarWinds hack in leveraging the interconnected nature of on-premise, cloud identity, SaaS application, and public cloud footprints and hopscotching through these as necessary to achieve an end goal.”


Williams says, “Implementation of some of the recommended mitigation measures, such as reviewing, hardening, and monitoring all tenant administrator accounts, reviewing service provider permissions and reviewing auditing logs, should be table stakes for security in any larger organization. However, the reality is that most organizations are resource-strapped. This makes complying with these recommendations difficult for more organizations.”

KEYWORDS: cyber security data breach nation-state security risk management supply chain

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Technologies & Solutions
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Keyboard

    A Chinese espionage group is targeting the IT supply chain

    See More
  • workforce

    FBI: Kwampirs Malware Targeting Supply Chain Software Providers

    See More
  • Been Hacked? Let That Be a Lesson to You

    Global phishing campaign targeting the COVID-19 vaccine cold chain

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing