Guessing poor passwords and basic email phishing attacks really seem to work, according to a report out from Microsoft today, which says the Russian hackers behind the SolarWinds attack have been using these basic techniques to successfully breach as many as 14 U.S.-based companies.
The SolarWinds hackers, known as Nobelium and previously identified as part of Russia's foreign intelligence service, have been actively trying to attack more than 140 U.S.-based companies since May, according to the release. Microsoft believes it has identified the successful breaches early enough to help the companies prevent the hackers from being more successful. The Biden administration tried to punish the Russian government when the hackers were linked to the SolarWinds attack in 2020, but the Microsoft report shows those warnings have gone unheeded.
"This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government," Tom Burt, the corporate vice president for customer security and trust at Microsoft, wrote in today's announcement.
The company also released guidance for tech and IT companies to protect themselves from further attacks. Most of the advice reminds these companies that multi-factor authentication, removing old administrator and user accounts, and other basic security protocols can help protect against the fairly low-level hacking attempts that Microsoft has witnessed succeed.