The Russian organization behind SolarWinds espionage conducts new cyber attacks


Microsoft said on Thursday that the Russian hackers behind the SolarWinds espionage campaign launched a new wave of global cyber attacks by hijacking the e-mail system used by US government agencies.

The American technology company said the organization launched attacks this year against 3,000 email accounts at more than 150 government agencies, think tanks, consulting companies, and non-governmental organizations.

Microsoft started tracking this activity in January, but the attack escalated this week, when hackers hijacked a mass email system called “Constant Contact” and used it to masquerade as the United States Agency for International Development. They used it to send malicious emails, or phishing campaigns. If the recipient clicks on the link in the email, hackers can perform “a wide range of activities from stealing data to infecting other computers on the network.”

Microsoft called the campaign an “active event”, aimed mainly at the United States but involving at least 24 countries. At least a quarter of the targets are involved in international development, humanitarian and human rights work.

The company blamed the attacks on the same Russian organization that carried out the large-scale SolarWinds espionage campaign last year, in which hackers hijacked software produced by the Texas-based company in order to gain access to the U.S. Departments of Commerce and Treasury, as well as other local and federal agencies. The White House said last month that the organization was part of the Russian Foreign Intelligence Service.

US President Joe Biden faces calls to strengthen the country’s cyber defenses following a string of campaigns, the most recent of which include espionage supported by the Chinese government that exploited vulnerabilities in Microsoft email software and an attack on a United States oil pipeline by a criminal group this month.

The Biden administration imposed sanctions on Russia and signed executive orders this month that require federal agencies and their software providers to develop higher cybersecurity standards.

Microsoft said that “many attacks” against its customers were blocked because automated systems marked emails as spam and its systems prevented malware from gaining access.

Despite these security measures, it is not clear whether any organizations have been compromised. Microsoft declined to comment.

Tom Burt, Microsoft’s corporate vice president responsible for customer safety and trust, said that the recent attack “appears to be [the hackers], as part of the intelligence gathering work, targeting government agencies involved in foreign policy.”

“Plus the attack on SolarWinds, it’s clear [the hackers’] script is to gain access to trusted technology providers and infect their customers,” he added.

Constant Contact stated that it “was aware that one of our customer’s account credentials had been compromised and was used by malicious actors to access the customer’s Constant Contact account.”

“This is an isolated incident, and we temporarily disabled the affected accounts while working with customers who are working with law enforcement agencies,” it added.


©Financial Times
