An Iranian group, designated the codename DEV-0343, has digitally attacked US and Israeli defense technology companies, Persian Gulf ports of entry, and global maritime transportation companies with business presence in the Middle East, the Microsoft Threat Intelligence Center (MSTIC) announced.
In a statement on Monday, Microsoft said that some 250 Office 365 users were attacked, but less than 20 were compromised. However, “DEV-0343 continues to evolve their techniques to refine its attacks.”
Using a password spray attack, in which the hackers “spray” passwords at a large volume of usernames, DEV-0343 activity has been observed across defense companies that support US, European Union, and Israeli government partners producing military-grade radars, drone technology, satellite systems, and emergency response communication systems. Further activity has targeted customers in geographic information systems (GIS), spatial analytics, regional ports of entry in the Persian Gulf, and several maritime and cargo transportation companies with a business focus in the Middle East.
“This activity likely supports the national interests of the Islamic Republic of Iran based on pattern-of-life analysis, extensive crossover in geographic and sectoral targeting with Iranian actors, and alignment of techniques and targets with another actor originating in Iran,” Microsoft said.
Iran conducted the cyberattack “to enhance their contingency plans. Gaining access to commercial satellite imagery and proprietary shipping plans and logs could help Iran compensate for its developing satellite program.”
“Given Iran’s past cyber and military attacks against shipping and maritime targets, Microsoft believes this activity increases the risk to companies in these sectors, and we encourage our customers in these industries and geographic regions to defend themselves from this threat,” the tech giant warned.
Iran and Israel have been engaged in cyber warfare in recent years, with Iran attacking a broad array of targets, and Israel focusing on Iran’s nuclear program.