    MSFT   US5949181045

MICROSOFT CORPORATION

(MSFT)
Microsoft : Another Nobelium cyberattack

05/28/2021 | 11:13am EDT
This week we observed cyberattacks by the threat actor Nobelium targeting government agencies, think tanks, consultants, and non-governmental organizations. This wave of attacks targeted approximately 3,000 email accounts at more than 150 different organizations. While organizations in the United States received the largest share of attacks, targeted victims span at least 24 countries. At least a quarter of the targeted organizations were involved in international development, humanitarian, and human rights work. Nobelium, originating from Russia, is the same actor behind the attacks on SolarWinds customers in 2020. These attacks appear to be a continuation of multiple efforts by Nobelium to target government agencies involved in foreign policy as part of intelligence gathering efforts.

Nobelium launched this week's attacks by gaining access to the Constant Contact account of USAID. Constant Contact is a service used for email marketing. From there, the actor was able to distribute phishing emails that looked authentic but included a link that, when clicked, inserted a malicious file used to distribute a backdoor we call NativeZone.This backdoor could enable a wide range of activities from stealing data to infecting other computers on a network. You can read more about the technical aspects of these attacks in this blog postfrom the Microsoft Threat Intelligence Center (MSTIC).

Many of the attacks targeting our customers were blocked automatically, and Windows Defender is blocking the malware involved in this attack. We're also in the process of notifying all of our customers who have been targeted. We detected this attack and identified victims through the ongoing work of the MSTIC team in tracking nation-state actors. We have no reason to believe these attacks involve any exploit against or vulnerability in Microsoft's products or services.

These attacks are notable for three reasons.

First, when coupled with the attack on SolarWinds, it's clear that part of Nobelium's playbook is to gain access to trusted technology providers and infect their customers. By piggybacking on software updates and now mass email providers, Nobelium increases the chances of collateral damage in espionage operations and undermines trust in the technology ecosystem.

Second, perhaps unsurprisingly, Nobelium's activities and that of similar actors tend to track with issues of concern to the country from which they are operating. This time Nobelium targeted many humanitarian and human rights organizations. At the height of the Covid-19 pandemic, Russian actor Strontium targetedhealthcare organizations involved in vaccines. In 2019, Strontium targetedsporting and anti-doping organizations. And we've previously disclosed activity by Strontium and other actors targetingmajor elections in the U.S. and elsewhere. This is yet another example of how cyberattacks have become the tool of choice for a growing number of nation-states to accomplish a wide variety of political objectives, with the focus of these attacks by Nobelium on human rights and humanitarian organizations.

Third, nation-state cyberattacks aren't slowing. We need clear rules governing nation-state conduct in cyberspace and clear expectations of the consequences for violation of those rules. We must continue to rally around progress made by the Paris Callfor Trust and Security in Cyberspace, and more widely adopt the recommendations of the Cybersecurity Tech Accord, and the CyberPeace Institute. But, we need to do more. Microsoft will continue to work with willing governments and the private sector to advance the cause of digital peace.

Tags: cyberattacks, CyberPeace Institute, cybersecurity, MSTIC, Nobelium

Disclaimer

Microsoft Corporation published this content on 28 May 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 28 May 2021 15:12:01 UTC.


© Publicnow 2021
Financials (USD)
Sales 2021 166 B - -
Net income 2021 59 350 M - -
Net cash 2021 63 041 M - -
P/E ratio 2021 31,9x
Yield 2021 0,89%
Capitalization 1 878 B 1 878 B -
EV / Sales 2021 10,9x
EV / Sales 2022 9,64x
Nbr of Employees 163 000
Free-Float 99,9%
Chart MICROSOFT CORPORATION
Duration : Period :
Microsoft Corporation Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends MICROSOFT CORPORATION
Short TermMid-TermLong Term
TrendsBearishBullishBullish
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus BUY
Number of Analysts 42
Average target price 294,02 $
Last Close Price 249,31 $
Spread / Highest target 36,4%
Spread / Average Target 17,9%
Spread / Lowest Target 1,64%
EPS Revisions
Managers and Directors
NameTitle
Satya Nadella Chief Executive Officer & Non-Independent Director
Bradford L. Smith President & Chief Legal Officer
Amy E. Hood Chief Financial Officer & Executive Vice President
John Wendell Thompson Independent Chairman
James Kevin Scott Chief Technology Officer & Executive VP
Sector and Competitors
1st jan.Capitalization (M$)
MICROSOFT CORPORATION13.07%1 877 697
SEA LIMITED30.93%136 678
ZOOM VIDEO COMMUNICATIONS, INC.-3.23%96 121
DASSAULT SYSTÈMES SE12.28%59 495
ATLASSIAN CORPORATION PLC-0.85%58 247
PALANTIR TECHNOLOGIES INC.-3.61%42 602