Microsoft Reports Highly Targeted Attacks from Nobelium

Microsoft has detected recent limited activity emanating from the threat tracked as Nobelium which was originally responsible for the compromise of SolarWinds Orion in December. According to Microsoft, this recent activity was targeted at specific customers, primarily IT companies (57%), followed by government (20%). Microsoft is contacting all customers that were compromised or targeted through its nation-state notification process. While the attacks thus far have been mostly unsuccessful, highly targeted, and known to have only compromised three victims, the activity does highlight the importance of identity access methods including the need for multifactor authentication (MFA), the benefits of Zero Trust Architecture, and the implementation of least privilege access controls (found in WaterISAC’s 15 Cybersecurity Fundamentals for Water and Wastewater Utilities, #4 – Enforce User Access Controls) to protect against similar threats. Read more about the recent Nobelium activity at Microsoft.