Iran trying to hack US and Israeli defence companies, says Microsoft

Cyber criminals successfully breached fewer than 20 of 250 organisations

This Friday, Sept. 6, 2019, satellite image provided by Maxar Technologies appears to show the Iranian oil tanker Adrian Darya-1 off the coast of Tartus, Syria. Satellite images obtained by The Associated Press on Saturday, Sept. 7, 2019, appeared to show the once-detained Iranian oil tanker Adrian Darya-1 near the Syrian port, despite U.S. efforts to seize the vessel. That's after Gibraltar earlier seized and held the tanker for weeks, later releasing it after authorities there said Iran promised the oil wouldn't go to Syria. (Satellite image ©2019 Maxar Technologies via AP)

Iran has attempted to hack numerous US and Israeli defence technology companies and global maritime transportation firms, Microsoft said on Monday.

The suspected Iranian hackers successfully breached fewer than 20 of more than 250 organisations subject to the attack on Microsoft Office 365 users.

Microsoft concluded Iran was behind the attack because the activity “supports the national interests” of Iran and aligns with the techniques and targets of other hacks originating in the country.

The software firm said it first became aware of the hack in late July.

The hack “supports Iranian government tracking of adversary security services and maritime shipping in the Middle East to enhance their contingency plans,” it said.

“Gaining access to commercial satellite imagery and proprietary shipping plans and logs could help Iran compensate for its developing satellite programme.”

The hack was not said to have been sophisticated. Attackers used a technique known as “password spraying” in which they repeatedly try to compromise accounts by using a series of common and frequently used passwords.

The targets were defence companies that work with the US, EU and the Israeli government to supply military-grade radars, drone technology, satellite systems and emergency response communication systems. All of the maritime and cargo transportation firms that were targeted maintain a business presence in the Middle East.

A trove of data

Organisations operating at regional ports of entry to the Arabian Gulf were attacked. Other targets included Microsoft customers working in geographic information systems (GIS) and spatial analytics.

A successful hack it would have elicited a trove of valuable data.

In recent months, tensions in the region have simmered as tanker attacks and maritime incidents in the Arabian Gulf have increased.

In August, two crew members were killed after an attack on an Israeli-managed tanker off Oman. The US, Israel and Britain all blamed Iran for the attack. One week later, maritime security experts blamed Iranian-backed forces for the seizure of an oil tanker off the coast of the UAE. Iran has denied responsibility for both attacks.

Updated: October 12th 2021, 7:18 AM
EDITOR'S PICKS
NEWSLETTERS