Microsoft has raised an alarm about a massive surge in Iranian state-sponsored hacking attempts against IT services firms.
According to Microsoft, attacks from state-sponsored Iranian hackers on IT services firms were virtually non-existent in 2020, but this year exceeded 1,500 potential attacks.
“Microsoft has observed multiple Iranian threat actors targeting the IT services sector in attacks that aim to steal sign-in credentials belonging to downstream customer networks to enable further attacks,” it said.
See also: A winning strategy for cybersecurity (ZDNet special report).
Most of the targeting is focused on IT services companies based in India, as well as several companies based in Israel and the United Arab Emirates. Microsoft said that these attacks are another example of how nation-state actors are increasingly targeting supply chains as an indirect approach to their real targets.
“Until July 2021, Microsoft had observed relatively little history of Iranian actors attacking Indian targets,” Microsoft said in a blogpost from its Threat Intelligence Center (MSTIC) and Digital Security Unit (DSU).
“Iranian threat actors are increasing attacks against IT services companies as a way to access their customers’ networks. This activity is notable because targeting third parties has the potential to exploit more