Microsoft has recently revealed that several attacks on a French magazine by hackers linked to the Islamic Republic of Iran were launched in a six-month campaign that began in October 2020. Microsoft discovered the cyberattack via their Threat Intelligence Center and claims it’s the first time a nation-state has targeted an independent press outlet and its individual journalists.
Microsoft believes the attacks were carried out by a hacking group called “Phosphorous,” which has been linked to the Iranian government in the past. The attacks included digital espionage, password spray attacks and exploiting weak credentials. The hackers infiltrated the magazine’s networks, stole information and tracked the movements of individual journalists in order to intimidate and surveille them.
This campaign further highlights Iran’s aggressive cyber attacks on targets outside of its border. Late last year, the U.S. and EU brokered a nuclear agreement with Iran, which limited its nuclear-related activities. The agreement did not restrict Iran’s ability to conduct malicious cyber activities, though, thus leading to an increase in recently carried-out campaigns.
Microsoft President Brad Smith said in a blog post, “we have now seen Phosphorous use more targeted and persistent attempts to compromise specific employee accounts at this media organization. These attempts include password spray tactics, where the attackers use commonly-available information and lists of commonly-used passwords for different accounts, in an attempt to gain access to employee accounts.”
The cyberattack is putting further pressure on countries and companies to improve their security measures. Microsoft has previously released tools like the Azure Security Center, which provides intelligence and automated tools to help detect and block possible threats in their cloud services. The company continues to emphasize the need for better security practices with its customers, and it will be important for them to stay vigilant in the face of these threats.
Overall, the attack on a French magazine further highlights the critical need to improve cyber security measures globally. Microsoft’s latest findings of a suspected Iranian-backed group underscore the importance of increased vigilance, especially when it comes to nation-state attacks. Companies must work together to ensure they are adequately prepared to defend against these threats.
