To say online security has become an important aspect on the digital world would be a drastic understatement. Protecting your personal information feels like a full-time job at this point, as security breaches and ransomware attacks have become exceedingly common in recent years. Now, Microsoft is warning government agencies that an advanced email attack is combing the US and 23 other countries for vulnerabilities that could lead to some serious problems. The attack was propagated by Nobelium — the Russian threat group behind the infamous SolarWinds attack. The nefarious actors used Constant Contact, an email marketing platform, to gain access to the accounts of members of the United States Agency for International Development (USAID). From there, hackers sent phishing emails to a wide range of other notable organizations in hopes of getting users to click on a malicious link that downloaded malware onto their devices. This would then provide a backdoor to Nobelium to access these organizations as they see fit. Constant Contact has been swift in disconnecting affected accounts and cooperating with organizations to get to the root of the problem, but as Microsoft puts it, this is nothing if not a notable hack.
The Intent – Perhaps the biggest concern is that Nobelium’s intent here is unsettling. Having focused their attacks on trusted technology providers, Microsoft believes that the threat group’s attacks purposefully “undermine trust in the technology ecosystem,” which could lead to “collateral damage in espionage operations.”The Victims – Once Nobelium had access to these technology providers, their primary subjects of focus were humanitarian and human rights organizations, which further shows that there is a political element to these attacks.The Frequency – These kinds of large scale cyber attacks aren’t slowing down, and it’s at least partly due to a lack of action on laws and regulations to keep nation-states from engaging in this kind of nefarious behavior.
Simply put, this isn’t just another breach of a company with lax security. This is a coordinated effort from a Russian-based hacker group with plans to sow discord in any way they can. And it’s working. Password managers are arguably one of the best and most important avenues to a safe online experience. As the first — and sometimes only — obstacle to stealing your personal information, a strong one that is encrypted through a good password manager can do wonders when it comes to keeping you safe. Antivirus software and VPNs are two more online tools that can seriously improve your online security, by keeping viruses at bay and hiding your online activity, respectively. When it comes to phishing scams though, like the one propagated by Nobelium here, your best defense is a bit of vigilance. While Microsoft noted that this email was particularly authentic, the reality is that keeping your eyes out for anything suspicious — particularly when clicking links or providing personal information — can go a long way in keeping you safe online.