Iranian state-backed hackers have been targeting satellite, defense, and pharmaceutical companies in the US and worldwide, with the goal of gathering intelligence and potentially developing domestic production in those industries, according to Microsoft analysts. The hackers have successfully breached a few dozen out of the thousands of organizations they have targeted since February, using a blunt hacking technique. This highlights the determination of Tehran’s hacking teams to access valuable intelligence targets.
The heavy US sanctions regime has aimed to restrict Iranian access to military hardware and, in some cases, has hindered Western companies from supplying medical resources to Iran. It is difficult to determine the exact motives behind the hackers’ targeting of satellite, defense, and pharma firms, but the increased sanctions have likely incentivized Iran to search for trade secrets held by foreign companies. Sherrod DeGrippo, Microsoft’s director of threat intelligence strategy, suggests that these targeted sectors may have experienced difficulties in generating necessary resources internally.
This cyber-espionage campaign has continued throughout the summer, coinciding with significant moments in US-Iranian relations. The hackers have been infiltrating email accounts by using common passwords en masse, stealing data from some victim networks while discreetly monitoring others for valuable intelligence. According to DeGrippo, this method of compromising identities has proven effective for the hackers, so they have not felt the need to explore alternative techniques.
Iranian government officials typically deny allegations of hacking, and CNN has reached out to Iran’s Permanent Mission to the United Nations for comment. The specific US companies that were breached have not been disclosed by Microsoft. The US National Security Agency, responsible for assisting defense contractors in protecting against cyber-attacks, has yet to respond to requests for comment.
While China and Russia are often considered the top-tier state hacking threats, Iran is not far behind. Iranian hackers have gained a reputation for being unpredictable and disruptive. In 2021, the FBI accused Iranian hackers of attempting to breach Boston Children’s Hospital, a claim that Tehran denied.