Global Technology Supply Chain Under Attack
Microsoft recently announced the hackers behind the SolarWinds cyberattack have now turned their attention to the global technology supply chain, including resellers and providers of cloud technology. That coordinated attack, observed in May, was attributed to a group called Nobelium, the same state-sponsored Russian hackers who used malware to infect more than 18,000 customers of SolarWinds last year.
Microsoft announced in a blog this week that so far 140 technology service providers and resellers have been notified as recent targets of the hackers and 14 so far are believed to be compromised.
Microsoft described the attacks as unsophisticated operations that weren’t attempting to exploit any flaws or vulnerabilities in software, but instead using well-known techniques to steal credentials. By targeting technology service providers and resellers, you can piggyback on any direct access that resellers may have to their customers’ IT systems.
Microsoft also released this technical guidance outlining how Nobelium attempts to move laterally across networks to reach downstream customers.
I encourage you as an end user, to talk to your technology service providers and partners, about not only your cyber defense strategy in case your network gets penetrated, but also theirs. You have the right to know what steps your technology service provider is taking to protect their own network and systems from outside cyberthreats. If they can’t give you assurance that they are mastering their own cyber defense, what makes you think they should be handling yours?
2W Tech is a technology service provider and Microsoft Gold Partner. Give us a call today and let us share our best practices for cybersecurity within our own business and how we can help you with yours.