Iran-linked hackers targeted maritime and defense contractors, compromised Office 365 accounts

Written by
Oct 11, 2021 | CYBERSCOOP

Hackers likely supporting Iranian national interests attempted to compromise U.S. and Israeli defense technology and global maritime companies, Microsoft researchers shared Monday.

The attacks, which began in July, targeted the Office 365 accounts of more than 250 Microsoft users, the company said. Less than 20 of the targeted victims were successfully compromised, according to a security alert.

Other targeted industries included defense companies supporting the European Union, geographic information systems and regional ports in the Persian Gulf. Hackers attempted to break into the accounts using a technique called “password spraying” in which hackers rapidly cycle through different passwords in an effort to access an account.

Microsoft researchers say the “activity likely supports the national interests of the Islamic Republic of Iran” and the attacks’ techniques and targets align with other Iran-sponsored campaigns.

“Microsoft assesses this targeting supports Iranian government tracking of adversary security services and maritime shipping in the Middle East to enhance their contingency plans,” researchers wrote. “Given Iran’s past cyber and military attacks against shipping and maritime targets, Microsoft believes this activity increases the risk to companies in these sectors.”

State-sponsored Iranian hackers have a long history of

Read More: