Microsoft: Iranian hackers targeting US and Israeli companies

Microsoft warns that hackers possibly linked to Iran have been trying to break into Office 365 accounts of US, EU, and Israeli defense companies.

Arutz Sheva Staff ,

Cyberattack
Cyberattack
iStock

Microsoft warned on Monday that hackers possibly linked to Iran have been trying to break into numerous Office 365 accounts through password-guessing attacks.

The hackers have been targeting US, EU, and Israeli defense companies that produce “military-grade radars, drone technology, satellite systems and emergency response communication systems,” the company wrote, according to PCMag.

Microsoft said the hacking group has been using these “password-spraying” attacks on 250 Office 365 “tenants.” These tenants encompass an entire organization’s resources, including employee user accounts, under a Microsoft cloud service.

“Less than 20 of the targeted tenants were successfully compromised,” Microsoft added.

The company has dubbed the hacking group DEV-0343. Other targets have included Persian Gulf ports of entry and global maritime transportation companies in the Middle East.

“Microsoft assesses this targeting supports Iranian government tracking of adversary security services and maritime shipping in the Middle East to enhance their contingency plans,” the company said. “Gaining access to commercial satellite imagery and proprietary shipping plans and logs could help Iran compensate for its developing satellite program.”

Microsoft urged its customers to be on guard. The password-spraying attacks works by learning a user’s email address and then trying numerous passwords over several hours or days to try and break in.

To stop the attacks, Microsoft encouraged its clients to enable multi-factor authentication on their accounts. This requires anyone logging on to type in both the correct password, and provide another mode of authentication, usually a one-time passcode generated over the account owner's smartphone.



top