Microsoft update on nation-state actor issued

Oct 26, 2021 - 01:52 PM
Cybersecurity Lock on Gold Wall

Microsoft on Sunday posted an update on the latest activity by Nobelium, a Russian nation-state actor behind cyberattacks on SolarWinds customers in 2020.

“This recent activity is another indicator that Russia is trying to gain long-term, systematic access to a variety of points in the technology supply chain and establish a mechanism for surveilling — now or in the future — targets of interest to the Russian government,” the blog post states. 

John Riggi, AHA senior advisor for cybersecurity and risk, said, “The Nobelium threat group, which according to the U.S. government was responsible for the broad supply chain attack leveraging the SolarWinds platform, is now attacking a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage cloud services and other technologies on behalf of their customers. This threat highlights the need for hospitals and health systems to have robust third-party risk management programs that carefully evaluate the cyber risk their organizations could be exposed to through their technology supply chains and services, should those supply chains and services be compromised. These risks are potentially strategic in nature and have national security, business and care delivery implications that go far beyond the protection and privacy of protected health information.”

For more information on this or other cyber and risk issues, contact Riggi at jriggi@aha.org

Related News Articles

Headline
Administration releases memo on cybersecurity governance for national security systems
President Trump issued a memorandum June 12 on cybersecurity governance for national security systems used by federal agencies. The memo re-establishes and…
Headline
Automatic tank gauge systems targeted by cyber actors, agencies warn
The Cybersecurity and Infrastructure Security Agency and other federal agencies released a fact sheet June 2 on malicious cyber activity targeting U.S.-based…
Headline
Alert warns of cyber campaign by Chinese military intelligence to obtain classified or privileged information
The FBI and international agencies have released an alert on Chinese military intelligence services using professional networking sites and online job…
Headline
White House issues executive order on cybersecurity for AI
The White House issued an executive order June 2 on cybersecurity efforts regarding artificial intelligence. The order instructs federal…
Headline
Guide issued for healthcare organizations on cyber governance frameworks for secure AI implementation 
The Health Sector Coordinating Council’s Cybersecurity Working Group has released a guide to help healthcare organizations establish cyber governance…
Headline
FBI issues alert on cyber actors impersonating IT personnel 
The FBI has released an alert on a cyber threat group called the Silent Ransom Group, which has targeted healthcare and other industries in recent years using…