In a post dated October 24, Microsoft stated that Nobelium's latest wave targeted "resellers and other technology service providers" of cloud services.
The Russian-based agency responsible for last year's massive SolarWinds cyber attack has targeted hundreds more companies and organizations in its latest wave of attacks on computer systems in the United States, according to Microsoft in a blog post.
In an Oct. 24 blog post, Microsoft stated that Nobelium's latest wave targeted "resellers and other technology service providers" of cloud services. Microsoft said the attacks were part of a larger summer campaign and that it had notified 609 customers that they had been attacked between July 1 and Oct. 19.
Microsoft told the New York Times, which first reported the breach, that only a small percentage of the most recent attempts were successful, but it provided no further details.
Officials from the United States' cybersecurity agency could not be reached immediately to confirm the report.
The operation was confirmed by US officials to the Times, with one unnamed senior administration official describing it as "unsophisticated, run-of-the-mill operations that could have been prevented if the cloud service providers had implemented baseline cybersecurity practices."
"This recent activity is another indicator that Russia is attempting to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling targets of interest to the Russian government - now or in the future," Microsoft wrote.