Microsoft: Iran-linked Hackers Breached Israeli, U.S. Security Firms' Accounts

Over 250 Microsoft Office 365 accounts belonging to the security companies were targeted by hackers associated with Tehran, according to the tech giant

new-hdc-logo
Haaretz
Send in e-mailSend in e-mail
Microsoft's offices in New York.
Microsoft's offices in New York. Credit: Swayne B. Hall / AP
new-hdc-logo
Haaretz

Hackers linked to Iran tried to break into 250 Microsoft Office 365 accounts belonging to Israeli and American security companies using a hacking technique known as “password spraying,” the tech giant said Monday.

Microsoft did not elaborate on which companies were attacked.

Password spraying is a traditional brute force attack in which the hackers try to obtain access to as many accounts as possible by trying common passwords – each time from a different IP address. This allows them to evade some of the automatic defenses for protecting passwords and accounts. The goal is to find an account to enter the organization – and use it to continue on from the inside.

The Microsoft Threat Intelligence Center first observed and began tracking these efforts in late July 2021, and named the activity cluster DEV-O343.

Microsoft said the targets of the attacks were defense companies that support United States, European Union, and Israeli government partners producing military-grade radars, drone technology, satellite systems, and emergency response communication systems.

Further activity has targeted customers in geographic information systems (GIS), spatial analytics, regional ports of entry in the Persian Gulf, and several maritime and cargo transportation companies with a business focus in the Middle East.

Microsoft said these attacks were identical to others conducted by hackers linked to Iran, alongside other signs that showed they acted under Iranian auspices.

“Less than 20 of the targeted tenants were successfully compromised, but DEV-0343 continues to evolve their techniques to refine its attacks,” Microsoft wrote in its blog post on the subject.

Microsoft said it has “directly notified customers that have been targeted or compromised, providing them with the information they need to secure their accounts.”

Israel is the seventh most-targeted country in the world for cyber-attacks, and last year the number of such attacks by Iran against Israel quadrupled, said a report from Microsoft released just a few days ago.

Click the alert icon to follow topics:

Comments

SUBSCRIBERS JOIN THE CONVERSATION FASTER

Automatic approval of subscriber comments.
From $1 for the first month

Already signed up? LOG IN

ICYMI

Charles Lindbergh addressing an America First Committee rally on October 3, 1941.

Ken Burns’ Brilliant ‘The U.S. and the Holocaust’ Has Only One Problem

The projected rise in sea level on a beach in Haifa over the next 30 years.

Facing Rapid Rise in Sea Levels, Israel Could Lose Large Parts of Its Coastline by 2050

Tal Dilian.

As Israel Reins in Its Cyberarms Industry, an Ex-intel Officer Is Building a New Empire

Queen Elizabeth II, King Charles III and a British synagogue.

How the Queen’s Death Changes British Jewry’s Most Distinctive Prayer

Newly appointed Israeli ambassador to Chile, Gil Artzyeli, poses for a group picture alongside Rabbi Yonatan Szewkis, Chilean deputy Helia Molina and Gerardo Gorodischer, during a religious ceremony in a synagogue in Vina del Mar, Chile last week.

Chile Community Leaders 'Horrified' by Treatment of Israeli Envoy

Queen Elizabeth attends a ceremony at Windsor Castle, in June 2021.

Over 120 Countries, but Never Israel: Queen Elizabeth II's Unofficial Boycott