Iran Caught Using Intermediaries To Hack Israeli Business

Uploaded on 2022-06-08 in INTELLIGENCE-Hot Spots-Iran, FREE TO VIEW

Microsoft has disabled attack activity on over 20 OneDrive accounts for abusing the file hosting service in order to carry out cyber attacks on Israeli companies across numerous industries, including defense and financial services

Now, Microsoft has disclosed the organisation behind the attacks, which they have named “Polonium,” which is based in Lebanon, most likely in collaboration with Iran’s Ministry of Intelligence and Security (MOIS). “Such collaboration or direction from Tehran would align with a string of revelations since late 2020 that the government of Iran is using third parties to carry out cyber operations on their behalf, likely to enhance Iran’s plausible deniability” Microsoft said.

 Polonium has targeted organisations previously targeted by Mercury, an identified “subordinate element” within MOIS, and has used similar tactics to those of Iranian cyber groups “Lyceum” and “CopyKittens.” Microsoft suggested that these factors point to possible “hand-off” operations, whereby MOIS provides Polonium with access to previously compromised victim environments in order to execute new activity. 

“Multiple manufacturing companies they targeted also serve Israel’s defense industry, indicating a Polonium tactic that follows an increasing trend by many actors, including among several Iranian groups, of targeting service provider access to gain downstream access,” Microsoft said in statement. 

Iran has conducted many cyber attacks around the world, affecting the US, Europe and Israel. The targets  have included those in the manufacturing, IT, transportation, defense, government, agriculture, financial, and healthcare sectors. 

Microsoft has previously beaten off several Iranian-linked cyber attacks on Israeli organisations, including in October 2021 when it announced hackers from Iran got into US and Israeli defense technology companies. In one incident, an IT company was used to target a downstream aviation company. 

Israel's National Cyber Directorate has recently launched a joint venture with the Communications Ministry to strengthen national cyber security.  These reforms require firms to purchase cutting-edge cyber security technology to identify, contain and recover potential cyber attacks, as well as to create internal measures to show the cyber security efforts they take.

Microsoft:    Times of Israel:    Al Arabiya:    i24:     Hacker News:    National Cybesecurity News:   The Record:  

You Might Also Read: 

Significant Growth In State-Sponsored Cyber Attacks:

 

« Deactivated Domains Used For Spear-Phishing
Small Business Still Not Ready For Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

FireEye

FireEye

FireEye delivers unmatched detection, protection and response technology through an extensible and flexible cloud-based XDR platform.

European Council on Foreign Relations (ECFR)

European Council on Foreign Relations (ECFR)

ECFR is a pan-European think-tank conducting research and promote informed debate on European foreign policy. Cyber security is becoming an intrinsic element of foreign policy debate.

Bayshore Networks

Bayshore Networks

Bayshore Networks was founded to safely and securely protect Industrial IoT (IIoT) networks, applications, machines and workers from cyber threats.

VdS

VdS

VdS is an independent safety and security testing institution. Cybersecurity services include standards, audit/assessment and certification for SMEs.

sic[!]sec

sic[!]sec

sic[!]sec provide products and services for web application security.

Jandnet Recruitment

Jandnet Recruitment

Jandnet Recruitment is a small specialist company working in the IT sector. We recruit across all IT disciplines including cyber security and digital identity.

Alibaba Cloud

Alibaba Cloud

Alibaba Cloud is committed to safeguarding the cloud security for every business by leveraging a comprehensive suite of enterprise security services and products on the platform.

Alpha Mountain AI (alphaMountain)

Alpha Mountain AI (alphaMountain)

alphaMountain provides up-to-date domain and IP intelligence for cybersecurity investigational and protection platforms.

Artifice Security

Artifice Security

Artifice Security will demonstrate real-world attacks on your network, web applications, infrastructure, and personnel to expose your hidden security risks.

Mission Critical Partners (MCP)

Mission Critical Partners (MCP)

Mission Critical Partners is committed to delivering innovative solutions that help our clients enhance and evolve their critical-communications systems and operations.

Iconium Software

Iconium Software

DataLenz by Iconium offers continuous and real-time tracking of your data assets delivering you the tools you need to successfully reach and maintain your target security standards.

Clarabot Nano

Clarabot Nano

Nano is the secure file sharing tool to improve content search, data access and collaboration between multiple parties.

Wing Security

Wing Security

Wing fosters a stronger security culture by engaging SaaS end-users and enabling easy communication with security teams.

Quantum Security Services

Quantum Security Services

Quantum Security Services is a specialist information security firm providing a range of risk, compliance and technical security services.

InnovateHer

InnovateHer

At InnovateHer, our vision is to make the tech sector more equitable, by increasing diversity across the spectrum and creating more inclusive workplaces.

Attestiv

Attestiv

Attestiv puts authenticity into photos, videos and documents by utilizing advanced technologies in AI and tamper-proofing.