Nobelium—the name Microsoft gave to the intruders—was eventually expelled, but the group never gave up and arguably has only become more brazen and adept at hacking large numbers of targets in a single stroke. The latest reminder of the group’s proficiency comes from security firm Mandiant, which on Monday published research detailing Nobelium’s numerous feats—and a few mistakes—as it continued to breach the networks of some of its highest-value targets.
One of the things that made Nobelium so formidable was the creativity of its TTPs, hacker lingo for tactics, techniques, and procedures. Rather than breaking into each target one by one, the group hacked into the network of SolarWinds and used the access, and the trust customers had in the company, to push a malicious update to roughly 18,000 of its customers.
Read 15 remaining paragraphs | Comments