Log in
Log in
Or log in with
Twitter Twitter
Facebook Facebook
Apple Apple     
Sign up
Or log in with
Twitter Twitter
Facebook Facebook
Apple Apple     


Real-time Estimate Cboe BZX  -  06:06:41 2023-06-08 pm EDT
324.96 USD   -0.09%
05:18pMeta previews generative AI tools planned for its platforms
04:00pAI startup Cohere raises funds from Nvidia, valued at $2.2 billion
03:42pSector Update: Energy Stocks Mixed Late Thursday
SummaryMost relevantAll NewsAnalyst Reco.Other languagesPress ReleasesOfficial PublicationsSector newsMarketScreener Strategies

Microsoft : How nation-state attackers like NOBELIUM are changing cybersecurity

09/29/2021 | 06:02pm EDT

This is the first post in a four-part series on the NOBELIUM nation-state cyberattack. Microsoft started telling the industry about this extremely advanced cyberattack in December 2020. The NOBELIUM blog series-which mirrors Microsoft's four-part video series "Decoding NOBELIUM"-will pull the curtain back on the world of threat detection and showcase insights from cybersecurity professionals on the front lines, both Microsoft defenders and other industry experts.

In many ways, the NOBELIUM nation-state cyberattack realized the deepest fears of United States cybersecurity experts, according to Microsoft 365 Security Corporate Vice President Rob Lefferts. It was a supply chain attack. It was methodically planned and executed. And it impacted multiple world-class companies with strong security teams. Perhaps, your company was one of them-or perhaps you know someone who works at a company that was affected. As we begin Cybersecurity Awareness Month in October, the far-reaching nature of such attacks is ever-present on our minds, which is one reason why more than 3,500 Microsoft security experts actively defend and protect organizations from cyberattacks every day.

Nation-state attacks are malicious cyberattacks that originate from a particular country and are an attempt to further that country's interests. Numerous organizations were impacted by the NOBELIUM attacks. Such attacks are fueled by geopolitical competition and a desire to gain an advantage over other nations, such as by stealing intellectual property for economic benefit or supporting traditional espionage.

In December 2020, Microsoft began sharing information with the cybersecurity industry on what would become widely recognized as the most sophisticated nation-state cyberattack in history. NOBELIUM, a group of Russia-based hackers, gained access to multiple enterprises through vulnerable software code, stolen passwords, compromised on-premises servers, and minted SAML tokens.

In this supply chain attack, hackers were able to access the SolarWinds code, slip malicious code into a piece of the software, and use the vendor's legitimate software updates to spread their malware to customer systems. Successful attacks gave NOBELIUM hackers high-level permissions on the downstream compromised systems.

Why should enterprises worry about nation-state attacks?

Historically, nation-state actors directly targeted infrastructure, think tanks, and governments of other countries. However, as organizations improve their defenses, sophisticated actors look for new ways to gain access to their targets through the vendors, software, and networks they rely upon. Enterprises are also increasingly at risk of attacks as nation-state actors expand their objectives to pursue intellectual property theft. As a result, enterprises are often targeted by nation-state actors attacking the networks of their customers, partners, or vendors through their own network or software. The Microsoft Threat Intelligence Center, which collects billions of data points to gather threat intelligence, has observed that enterprises are increasingly at risk of these attacks.

Consider these statistics, which show the magnitude of security threat from nation-state attacks:

  • 35 percent of all nation-state attacks are targeted at enterprises, according to the CSO article, "Nation states: Cyberconflict, and the Web of Profit."1
  • 78 percent increase in attacks on supply chain vendors, according to the CPO Magazine article "HP Study: Nation-state Cyber Attacks Double Between 2017 and 2020 as World Edges Toward Open Cyber Warfare."2
  • 13,000 nation-state attack alerts emailed to customers during the past two years, according to the September 2020 Microsoft Digital Defense Report.

Unlike other types of cybercriminals, who exploit a vulnerability and move on, nation-state attackers are persistent and determined to achieve their objectives. They invest serious time profiling their targets and probing their network for vulnerabilities and are continually adding more tools and skills to their capabilities. Any organization-regardless of size-could be a potential target.

Another reason the NOBELIUM attack matters to the enterprise is that state-sponsored attackers often have unlimited monetary and technical support from their countries, giving them access to unique, modern hacking techniques and tactics.

"Nation-state actors are hard because they effectively have infinite funding and they're above the law - at least in their country," said Roberto, Principal Consultant and Lead Investigator of the Microsoft Detection and Response Team. "They have very good technical resources, so it's not like they're going to give up. It's one of the reasons we put in the 80-hour weeks."

NOBELIUM's long-term impact

How did the NOBELIUM attack unfold and how has it changed cybersecurity? In the first episode of our four-part video series Decoding NOBELIUM: When Nation-States Attack, security professionals share behind-the-scenes details and weigh in on the lasting impacts of the NOBELIUM attack on cybersecurity. Watch the episode to learn security strategies you can implement in your organization, like which vulnerabilities to patch.

Microsoft is committed to helping organizations stay protected from cyberattacks, whether cybercriminal or nation-state. In particular, nation-state adversaries have significant expertise and resources and will develop new attack patterns with the specific intent of furthering their geopolitical objectives. Consistent with our mission to provide security for all, Microsoft will continue to use our leading threat intelligence and global team of dedicated cybersecurity defenders to help protect our customers and the world. Just two recent examples of Microsoft's efforts to combat nation-state attacks include a September 2021 discovery and investigation of a NOBELIUM malware referred to as FoggyWeb and our May 2021 profiling of NOBELIUM's early-stage toolset compromising EnvyScout, BoomBox, NativeZone, and VaporRage.

For immediate support, reach out to the Microsoft Security Response Center. Keep an eye out for future posts in the NOBELIUM nation-state attack series. In these posts, we'll share the story of how we discovered the attack, how we fought the threat, and how the attack has shaped the future of cybersecurity.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

1Nation States, Cyberconflict, and the Web of Profit, CSO, 2021.

2HP Study: Nation-State Cyber Attacks Double Between 2017 and 2020 as World Edges Toward Open Cyber Warfare, Scott Ikeda, CPO Magazine. 22 April 021.


Microsoft Corporation published this content on 29 September 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 29 September 2021 22:01:06 UTC.

ę Publicnow 2021
05:18pMeta previews generative AI tools planned for its platforms
04:00pAI startup Cohere raises funds from Nvidia, valued at $2.2 billion
03:42pSector Update: Energy Stocks Mixed Late Thursday
02:28p8x8 XCaaS Platform Deployed by Southwest Transplant Alliance
01:54pSector Update: Energy Stocks Lower in Afternoon Trading
09:55aApple Vision Pro: Is it doomed to fail?
09:32aReturn of the hawks
06:35aSocial Buzz: Wallstreetbets Stocks Mostly Up Premarket; Palantir Technologie..
06:30aFutures muted as bond yields rise on rate jitters
06:00aMicrosoft, Google strategy to test AI search ads irks some brands
More news
Analyst Recommendations on MICROSOFT CORPORATION
More recommendations
Financials (USD)
Sales 2023 211 B - -
Net income 2023 71 093 M - -
Net cash 2023 63 870 M - -
P/E ratio 2023 33,9x
Yield 2023 0,82%
Capitalization 2 404 B 2 404 B -
EV / Sales 2023 11,1x
EV / Sales 2024 9,82x
Nbr of Employees 221 000
Free-Float 99,8%
Duration : Period :
Microsoft Corporation Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends MICROSOFT CORPORATION
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus BUY
Number of Analysts 50
Last Close Price 323,38 $
Average target price 342,55 $
Spread / Average Target 5,93%
EPS Revisions
Managers and Directors
Satya Nadella Chairman & Chief Executive Officer
Bradford L. Smith President & Chief Legal Officer
Amy E. Hood Chief Financial Officer & Executive Vice President
James Kevin Scott Chief Technology Officer & Executive VP
Hemma Prafullchandra CTO
Sector and Competitors
1st jan.Capi. (M$)
SYNOPSYS INC.36.34%66 238
THE TRADE DESK, INC.64.31%36 009
Secure and increase the performance of your investments with our team of experts at your side.
Securing my Investments