American, European and Israeli shipping and defense firms that do business in the Middle East, were being subjected to attempted attacks by Iran-based hackers, Microsoft has said.
It announced that in recent weeks, a cell of hackers it had codenamed DEV-0343 had carried out “extensive password spraying” on some 250 companies that rely on Microsoft’s products.
A password spray is a cyber infiltration strategy to gain access to multiple accounts by using universal passwords.
The victims of the alleged spray include defense companies that support US, EU and Israeli “government partners producing military-grade radars, drone technology, satellite systems and emergency response communication systems,” Microsoft said.
It added that the cell was first detected in July — a busy month for Iranian military forces, which conducted aggressive operations in the Strait of Hormuz, killing a British security guard and a Romanian maritime worker with an explosive-laden drone strike.
The UK, US and Israel all blamed Iran and its Islamic Revolutionary Guard Corps — Tehran’s irregular warfare unit — for the attack on the MT Mercer Street vessel.
Zodiac Maritime, the Britain-based business owned by Israeli billionaire Eyal Ofer that operates the ship, said it had not been directly targeted by the recent cyber infiltration attempts from Iran.
Microsoft said DEV-0343 may have been launched to help Tehran track “adversary security services and maritime shipping in the Middle East.”