Microsoft announced that hackers suspected of having connections to Iran targeted military technology companies dealing with the governments of the United States, Israel, and other countries in the European Union. The company stated on its website on Monday that hackers targeted dozens of defense and maritime transport technology firms and successfully breached a small number of them.
The tech giant reported that the new attack is part of an espionage campaign that began last July, which could leave some companies vulnerable to further hacking attempts. Microsoft noted that among the targets are companies working with the governments of the United States, the European Union, and Israel, specifically those involved in manufacturing satellite systems, drone technology, and military radars.
Microsoft detailed that a hacking group calling itself DEV-0343 focuses its efforts on breaching Israeli defense technology companies, port systems in the region, or global maritime transport firms with commercial presence in the Middle East. The company explained that over 250 Microsoft accounts across the United States, the EU, and Israel were targeted through "password leaks," and hackers successfully compromised at least 20 of these accounts.
"Password leaking" is a straightforward hacking technique where cybercriminals attempt to breach multiple accounts using various potential passwords, hoping one matches the password used by the targeted user. Microsoft suggested that Iran might be behind the hacking operation based on the geographic range of the targeted companies and the similarity of the hacking pattern to actors that may have their base in Iran.
In its statement, Microsoft urged its clients in the defense industries, particularly in the targeted geographic areas, to review their data to counteract the cyberattack.
