Microsoft Accuses SolarWinds Hackers of USAID Cyberattack

Nobelium allegedly emailed over 3,000 accounts and more than 150 government agencies, think tanks, consultancies, and NGOs posing as USAID.

Microsoft has blamed the Russian SolarWinds hackers, Nobelium, for compromising the United States Agency For International Development’s (USAID) mass email system to violate the accounts of over 150 global government agencies, human rights groups, and non-governmental organizations (NGOs), the Financial Times reports.

It was the same group behind manipulating SolarWinds software to break into the U.S. Treasury and Commerce departments, the Pentagon, and several Fortune 500 companies.

Drive Business Strategy and Growth

Drive Business Strategy and Growth

Learn how NetSuite Financial Management allows you to quickly and easily model what-if scenarios and generate reports.

Nobelium allegedly emailed over 3,000 accounts posing as the USAID under the latest attack, Reuters reports. It did so by gaining access to an email marketing account on Constant Contact, the popular email marketing platform used by USAID.

The attack, which mainly focused on the U.S., encompassed at least 24 countries. At least 25% of the victims were involved in international development, humanitarian, and human rights work.

Microsoft said the attacks seemed like an extension of multiple efforts to target intelligence and foreign policy government agencies.

Russia refuted the SolarWinds cyberattack allegations this month.

President Joe Biden recently prioritized cybersecurity funding following the multiple hacks.

[An executive order signed by Biden on May 12 calls for the federal government to employ a zero-trust security model and accelerate the movement to secure cloud services. It mandates the deployment of multifactor authentication and encryption within a specific time period. The order also establishes “baseline security standards for the development of software sold to the government, including requiring developers to maintain greater visibility into their software and making security data publicly available.” — CFO]

This story originally appeared on Benzinga. © 2021

Benzinga does not provide investment advice. All rights reserved.