Russian threat actor Nobelium has launched cyber-attacks targeting organizations involved in international development, humanitarian and human rights work. Earlier in 2020, Nobelium was also involved in the attacks on SolarWinds customers.
What’s happening: According to Microsoft Threat Intelligence Center (MSTIC), Nobelium (attackers) is targeting government agencies, think tanks, consultants, and non-governmental organizations mainly in the United States (US). Other than the US, the actor has targeted at least 24 other countries. Just like before, this time the target of the cyber attack was largely government agencies involved in foreign policy as part of intelligence gathering efforts. Also Read: Amazon acquires MGM for whopping $8.45 billion to bolster its Prime membership offering
- The malicious email campaign operated by Nobelium escalated on May 25, 2021, as it leveraged the valid mass-mailing service, Constant Contact, to masquerade as a US-based development organization (USAID) and allocated malicious URLs to several organizations and industry verticals.
What does it all mean: It’s a new form of warfare. Cyber attacks are now the tool for countries to fulfill their political objectives. These new attacks by Nobelium focused on human rights and humanitarian organizations.
What do can we do: Countries need to formulate clear rules governing nation-state conduct in cyberspace. They also must outline clear expectations of the consequences for violation of the cyber rules.
- According to Microsoft, countries must rally around progress made by the Paris Call for Trust and Security in Cyberspace
- Countries must approve the recommendations of the Cybersecurity Tech Accord, and the CyberPeace Institute