Microsoft analysts have recently discovered that Iranian state-backed hackers are actively targeting satellite, defense, and pharmaceutical companies worldwide. Their main objective appears to be gathering intelligence and potentially strengthening domestic production in these industries, particularly in response to heavy US sanctions.
Since February, these hackers have successfully infiltrated multiple organizations using a relatively simple hacking technique. Their ability to breach these systems highlights the determination of Tehran’s hacking teams.
US sanctions against Iran have severely limited the country’s access to military hardware and discouraged Western companies from providing medical supplies. As a result, Iran has resorted to seeking trade secrets from foreign firms, as reported by CNN.
The choice of industries targeted by these hackers aligns with Iran’s potential need to develop domestic production capabilities in the face of sanctions. While the specific motivation behind targeting satellite, defense, and pharmaceutical companies remains unknown, the heightened incentive created by the sanctions strongly indicates that Iran is actively pursuing valuable intelligence.
According to Microsoft analysts, the hackers have been gaining access to email accounts through bulk attempts at guessing common passwords. Despite the simplicity of this technique, it has proven to be highly effective.
In some cases, the intruders stole data from victim networks, while in others, they quietly monitored email accounts, evading detection due to the straightforward yet efficient nature of their approach.
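The bulk password guessing described above, often called password spraying, leaves a recognizable pattern in sign-in logs: one source failing against many different accounts in a short time. The following Python detector is an added example, not code from Microsoft's report or from this article; the log format, the thresholds, the addresses and the account names are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in events: timestamp, source IP, account, result.
SAMPLE_LOG = """\
2023-09-01T02:00:05 203.0.113.7 alice@example.com FAIL
2023-09-01T02:00:09 203.0.113.7 bob@example.com FAIL
2023-09-01T02:00:14 203.0.113.7 carol@example.com FAIL
2023-09-01T02:00:20 203.0.113.7 dave@example.com FAIL
2023-09-01T02:00:26 203.0.113.7 erin@example.com OK
2023-09-01T02:00:31 203.0.113.7 frank@example.com FAIL
2023-09-01T09:12:00 198.51.100.20 alice@example.com FAIL
2023-09-01T09:12:30 198.51.100.20 alice@example.com FAIL
2023-09-01T09:13:10 198.51.100.20 alice@example.com OK
"""

def parse(log):
    """Yield (time, source, account, result) tuples from the assumed format."""
    for line in log.splitlines():
        if line.strip():
            ts, src, account, result = line.split()
            yield datetime.fromisoformat(ts), src, account.lower(), result

def detect_spray(log, min_accounts=5, window=timedelta(minutes=30)):
    """Flag sources that fail against >= min_accounts distinct accounts
    inside one sliding window (hypothetical thresholds; tune per tenant)."""
    by_src = defaultdict(list)
    for event in sorted(parse(log)):
        by_src[event[1]].append(event)
    findings = {}
    for src, events in by_src.items():
        sprayed, start = set(), 0
        for end, (ts, _, _, _) in enumerate(events):
            while ts - events[start][0] > window:
                start += 1  # drop events older than the window
            failed = {a for _, _, a, r in events[start:end + 1] if r == "FAIL"}
            if len(failed) >= min_accounts:
                sprayed |= failed
        if sprayed:
            # Any success from a spraying source is a likely compromised
            # mailbox and should be reviewed first.
            ok = {a for _, _, a, r in events if r == "OK"}
            findings[src] = {"accounts": sprayed, "compromised": ok}
    return findings

if __name__ == "__main__":
    for src, hit in detect_spray(SAMPLE_LOG).items():
        print(src, len(hit["accounts"]), "accounts;", sorted(hit["compromised"]))
```

The second source in the sample fails twice against a single account before succeeding, which looks like a user mistyping a password and is not flagged.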
It is important to note that Iran has a history of denying hacking allegations, and the government has not yet responded to this latest report. Microsoft has chosen not to disclose the specific US companies that were targeted, and the US National Security Agency has not provided any comment on the matter.
Furthermore, in a separate incident, China-backed hackers managed to steal a digital consumer key from Microsoft, granting them unrestricted access to US government emails. Microsoft has released details on how the hackers executed one of the largest cyber heists in corporate and government circles.