Iran Hacked The US and Israeli Defence Tech Companies Using Microsoft 365 | TurDef

Main Page
Event Calendar
Exclusive Files
Videos
Tenders
Echo
Contact

Main Page
Recent News

Land Navy / Maritime Air Ammunition Weapon / Missile Modernisation Expo and Air Show

Otokar Increases Its Presence in Latin America

30 November 00:34 94

First Batch of Chinese VT5 Light Tanks to Bangladesh

29 November 02:39 134

Russian Army Gets 20 T-14 Armata before 2021 Ends

28 November 18:22 116

VAMTAC ST5 4x4 Emergency Response Vehicles for Portuguese

25 November 23:56 228

The Philippines May Acquire a Second Pohang-Class Corvette From Korea

29 November 11:15 107

Chinese CM-302 Anti-Ship Missile on Pakistani Type 054A/P

29 November 07:41 92

The Greek Navy Got a Donated Support Ship

28 November 14:39 123

FAC-55 Construction Will Begin in 2022

27 November 22:44 105

Boeing to Convert F-16 Fighters to Target UAVs

30 November 15:03 17

Will Switzerland Pay More for F-35

30 November 12:21 38

French Private Company ARES Buys Qatar’s Mirage 2000-5 Fighters

29 November 13:26 100

Mig-31 With Kinzhal Gets Digital

28 November 22:21 121

Israels Expands Loitering Munitions Towards Asia

21 October 10:45 190

SSB announced: STM’S Boyga UAV Released MKE’s 81 mm Mortar

29 September 01:27 276

Turaç aims climbing export ranks one by one

14 September 00:19 215

Almaz-Antey develops anti-UAV ammunition: Krechet

26 August 15:30 230

Tsirkon Destroys Target Over 400 Km Away

30 November 16:36 17

Fast and Deep: Russia Begins Serial Production of Tsirkon for Submarines

30 November 08:15 60

VRA and Thales Ink Deal On Spike ATGM Manufacture

29 November 16:23 115

Pakistan tested the Shaheen 1-A Surface-to-Surface Ballistic Missile

29 November 10:55 100

Ukrainian Navy to receive two Mi-8MSB-V helicopters

27 November 03:13 99

Russia’s Giant Mi-26 Begins Serial Production in 2022

26 November 15:15 114

Cakra-Class KRI Cakra-401 Submarine Returns to Sea

26 November 02:34 123

Aselsan to Supply E/O Targeting Pods to Ukraine’s Mi-8 Helicopter Fleet

19 November 00:30 155

Ten More Akıncı UAV Will Fly with Ivchenko-Progress AI-450T Engines

19 November 11:44 86

UAV Unveiled the Twin of TB2 Bayraktar

18 November 17:22 156

Indonesia orders two A400M in multirole tanker and transport configuration

18 November 11:20 82

Menatek Presented its products at Saha Expo

17 November 09:11 84
Exclusive Files
- Interview
Event Calendar
Videos
Tenders
Echo
Contact

Cyber Warfare

USA

Iran

Israel

Iran Hacked The US and Israeli Defence Tech Companies Using Microsoft 365

12 October 2021 201

Iran Hacked The US and Israeli Defence Tech Companies Using Microsoft 365

On Monday, the Microsoft Threat Intelligence Centre (MSTIC) reported that Iranian hackers had successfully attacked the US and Israeli defence technology firms.

More than 250 Microsoft Office 365 accounts associated with the US, EU, and the Israeli government were compromised due to widespread password spraying. Additionally, Persian Gulf entry points and global marine transportation businesses with a presence in the Middle East were targeted.

Iran Hacked The US and Israeli Defence Tech Companies Using Microsoft 365

Defence firms that serve US, EU, and Israeli government partners in producing military-grade radars, drone technology, satellite systems, and emergency response communication systems were among those compromised.

MSTIC began observing and tracking activity in late July 2021. MSTIC detected the hacker organisation DEV-0343 performing significant password spraying against more than 250 Office 365 tenants, focusing on US and Israeli defence technology firms, Persian Gulf ports of entry, or global marine transportation corporations with a Middle Eastern presence. Although around 20 of the targeted tenants were successfully penetrated, DEV-0343 is constantly evolving its tactics to improve its attacks. According to MSTIC, Office 365 accounts with multifactor authentication (MFA) configured are resistant to password spraying.

DEV-#### designations are used by Microsoft as a temporary moniker for an unknown, emerging, or growing cluster of threat activity, allowing MSTIC to track it as a unique collection of information until they can establish high confidence regarding the origin or identity of the actor behind the operation. A DEV gets transformed into a named actor if it fulfils the requirements. Microsoft has personally contacted customers who have been targeted or compromised, as with any observed nation-state actor activity. It has provided them with the information they need to protect their accounts.

Targeting has been seen in this DEV-0343 activity among defence businesses that support US, EU, and Israeli government partners in producing military-grade radars, drone technologies, satellite systems, and emergency response communication systems. Customers in geographic information systems (GIS), spatial analytics, regional ports of entry in the Persian Gulf, and various marine and freight transportation firms with a Middle Eastern focus have also been targeted.

According to Microsoft, "based on pattern-of-life analysis, extensive crossover in geographic and sectoral targeting with Iranian actors, and alignment of techniques and targets with another actor originating in Iran," this activity "likely supports the national interests of the Islamic Republic of Iran." Microsoft believes this targeting will help the Iranian government follow enemy security services and marine transportation in the Middle East to improve their contingency plans. Having access to commercial satellite photos and private shipping plans and logs might assist Iran in compensating for its growing satellite programme. Given Iran's previous cyber and military strikes on shipping and marine targets, Microsoft feels this action raises the danger for firms in these industries.

Microsoft MSTIC

Similar News

News Bulletin

Sign up for Newsletters

Please choose your category

Land

Navy / Maritime

Air

Space

E/W

Cyber Warfare

Ammunition

Weapon / Missile

Logistics

Simulator / AI / Drill

Investment

Country

Bilateral Relations

Regional / Strategy

Defence Politics

Modernisation

Unmanned Systems

Communication

Sensors

Engine and Transmission

Homeland Security

Interview

Expo and Air Show

Send

Main Page Event Calendar Videos Tenders About TurDef Executive Team Contact Copyright Notice

Land
Navy / Maritime
Air
Space
E/W
Cyber Warfare
Ammunition
Weapon / Missile
Logistics
Simulator / AI / Drill
Investment
Country
Bilateral Relations
Regional / Strategy
Defence Politics
Modernisation
Unmanned Systems
Communication
Sensors
Engine and Transmission
Homeland Security
Interview
Expo and Air Show

© 2021, TurDef | All Rights Protected - Disclaimler

We use cookies to improve user experience, and analyse website traffic. For these reasons, we may share your site usage data with our analytics partners. By clicking “Accept Cookies” you consent to store on your device all the technologies described in our Cookie Policy. You can change your cookie settings at any time by clicking “Maybe Later.”

Copyright Notice

By accessing TurDef’s web pages, you agree that you may only download the content for personal, non-commercial use.

Except where expressly stated otherwise, you are not permitted to copy, broadcast, download, store (in any medium), transmit, show or play in public, adapt or change in any way the content of these TurDef web pages for any other purpose whatsoever without the prior written permission of the TurDef. You may ask request for permission from the info@turdef.com account.

Exclusive news can be re-distributed on social media or re-published on media outlets by referring to TurDef and providing specific backlinks to the relevant pages.