Hackers backed by the Kremlin are still stealing data’relevant to Russian interests,’ according to a new report.

According to a new study from cybersecurity firm Mandiant, the Kremlin-protected hackers behind last year’s massive SolarWinds cyberattack have continued to collect U.S. data “important to Russian objectives” throughout this year.

According to the Associated Press, the hackers were able to access US and allied government institutions, as well as foreign policy think tanks, utilizing flexible and stealthy ways to go unnoticed for as long as possible.

Mandiant revealed approximately a year ago that Russian state hackers were able to access about 100 firms using standard software provided by SolarWinds. According to Business Insider, major US institutions were targeted, including parts of the State Department, Homeland Security Department, and Pentagon, as well as several private corporations like Microsoft and Intel.

According to the Associated Press, Mandiant claimed in a study released Monday that hackers affiliated to Russia’s SVR foreign intelligence service had continued to mine data. According to Mandiant’s chief technical officer, Charles Carmakal, the number of breached agencies and corporations was lower this year than last year.

The consequences of the hacks, according to Carmakal, were severe, and the organizations affected are still recovering “Also, data is being lost.

“An assessment of the damage caused by hacking is made more difficult because not all organizations reveal whether they’ve been hacked “because they don’t always have to disclose it legally, “Carmakal continued.

See the list below for more Associated Press reporting.

The Russian cyber surveillance took place primarily in the shadows, as it always did, while the US government was captivated in 2021 by a separate, eminently “noisy” and headline-grabbing cyber threat—ransomware attacks perpetrated by criminal gangs rather than nation-state hackers. Those gangs, it turns out, are mostly protected by the Kremlin.

The Mandiant findings follow Microsoft’s October report that the hackers, dubbed Nobelium, continue to infiltrate government agencies, foreign policy think tanks, and other Russian-focused organizations via cloud service companies and so-called managed services providers, on which they increasingly rely. In the report, Mandiant acknowledges Microsoft’s threat researchers.

Russian hackers “continue to innovate and discover new techniques and tradecraft,” according to Mandiant analysts, allowing them to stay in target networks, evade detection, and confuse attempts to link attacks to them. This is a condensed version of the information.