Security News > 2021 > October > Microsoft: Iran-linked hackers target US defense tech companies
Iran-linked threat actors are targeting the Office 365 tenants of US and Israeli defense technology companies in extensive password spraying attacks.
The activity cluster was temporarily dubbed DEV-0343 by researchers at Microsoft Threat Intelligence Center and Microsoft Digital Security Unit, who have tracked it since late July.
"Targeting in this DEV-0343 activity has been observed across defense companies that support United States, European Union, and Israeli government partners producing military-grade radars, drone technology, satellite systems, and emergency response communication systems,' Microsoft says."
Microsoft has directly notified customers that have been targeted or compromised, providing them with the information they need to secure their accounts.
Since the attacks have started, less than 20 targets have been compromised, with Microsoft noting that Office 365 accounts with multifactor authentication toggled are resilient against DEV-0343's password spray attacks.
"They typically target dozens to hundreds of accounts within an organization, depending on the size, and enumerate each account from dozens to thousands of times," Microsoft says.
News URL
Related news
- Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors (source)
- Chinese hackers breached Dutch Ministry of Defense (source)
- Iran's cyber operations in Israel a potential prelude to US election interference (source)
- Chinese hackers hid in US infrastructure network for 5 years (source)
- Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyber Attacks (source)
- Hacker arrested for selling bank accounts of US, Canadian users (source)
- North Korean hackers linked to defense sector supply-chain attack (source)
- Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative (source)
- New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide (source)
- US govt shares cyberattack defense tips for water utilities (source)