Drew Angerer/Getty Images Microsoft said the group behind the SolarWinds attack is targeting government agencies, NGOs, and think tanks. Nobelium, a Russian group, sent about 3,000 malicious emails to accounts across 150 different organizations, Microsoft said. Nobelium broke into an email marketing account used by a US aid agency to stage the email campaign, Microsoft said. The group behind the SolarWinds cybersecurity attack is now targeting government agencies, think tanks, consultants, and non-governmental organizations, Microsoft said on Thursday. Russian-based Nobelium targeted around 3,000 email accounts across more than 150 different organizations, Tom Burt, Microsoft vice president of customer security and trust, wrote in a blog post on Thursday.