Russian-linked hacking organization that has been blamed for an attack on the U.S. governmentCybersecurity experts say that a substantial number of U.S.-based private firms targeted major players in the global tech supply chain last year. Microsoft

Nobelium, the hacking group, is infamous for the SolarWinds hack

On Monday, Tom Burt, Microsoft corporate vice president of customer security and trust, said Nobelium has “been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain.”

Burt stated, “This time it’s attacking another part of the supply chains: resellers, and other technology service provider that custom, deploy, and manage cloud services, and other technologies for their customers.” wrote in a blogMonday

Nobelium could not be reached for comment. Burt stated that Nobelium wants to “piggyback” on resellers’ direct access to customers’ IT systems. This would enable the group “more easily to impersonate an organisation’s trusted tech partner in order to gain access their downstream customers.”

Phishing emails have been used by hackers, as well as a method known as password spray. This involves using commonly used passwords (Password1 or 1234) against multiple accounts and then moving on to a new password.

Burt stated that Microsoft had been monitoring Nobelium’s “campaign” from May 2021. It also said that the company has been informing customers and partners about those who have been affected. According to Burt, Microsoft has been working closely with U.S. government agencies and European governments.

Nobelium claims that it has targeted around 140 technology service providers, resellers, and other tech companies so far.

“This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling – now or in the future – targets of interest to the Russian government,” Burt wrote.

CNBC did not receive a response from the Russian Embassy London. Dmitry Peskov, the Russian Presidential Spokesman, denied any previous hacking allegations.

According to him, “Even though there have been attacks on many occasions over the months that were not dealt with by America, maybe it’s wrong to blame Russians immediately.” told Tass news agency “We don’t have anything to do with it.”

Microsoft has published “technical guidance”This Monday is designed to protect organizations against new Nobelium activities.