Iran Caught Using Intermediaries To Hack Israeli Business

Uploaded on 2022-06-08 in INTELLIGENCE-Hot Spots-Iran, FREE TO VIEW

Microsoft has disabled attack activity on over 20 OneDrive accounts for abusing the file hosting service in order to carry out cyber attacks on Israeli companies across numerous industries, including defense and financial services

Now, Microsoft has disclosed the organisation behind the attacks, which they have named “Polonium,” which is based in Lebanon, most likely in collaboration with Iran’s Ministry of Intelligence and Security (MOIS). “Such collaboration or direction from Tehran would align with a string of revelations since late 2020 that the government of Iran is using third parties to carry out cyber operations on their behalf, likely to enhance Iran’s plausible deniability” Microsoft said.

 Polonium has targeted organisations previously targeted by Mercury, an identified “subordinate element” within MOIS, and has used similar tactics to those of Iranian cyber groups “Lyceum” and “CopyKittens.” Microsoft suggested that these factors point to possible “hand-off” operations, whereby MOIS provides Polonium with access to previously compromised victim environments in order to execute new activity. 

“Multiple manufacturing companies they targeted also serve Israel’s defense industry, indicating a Polonium tactic that follows an increasing trend by many actors, including among several Iranian groups, of targeting service provider access to gain downstream access,” Microsoft said in statement. 

Iran has conducted many cyber attacks around the world, affecting the US, Europe and Israel. The targets  have included those in the manufacturing, IT, transportation, defense, government, agriculture, financial, and healthcare sectors. 

Microsoft has previously beaten off several Iranian-linked cyber attacks on Israeli organisations, including in October 2021 when it announced hackers from Iran got into US and Israeli defense technology companies. In one incident, an IT company was used to target a downstream aviation company. 

Israel's National Cyber Directorate has recently launched a joint venture with the Communications Ministry to strengthen national cyber security.  These reforms require firms to purchase cutting-edge cyber security technology to identify, contain and recover potential cyber attacks, as well as to create internal measures to show the cyber security efforts they take.

Microsoft:    Times of Israel:    Al Arabiya:    i24:     Hacker News:    National Cybesecurity News:   The Record:  

You Might Also Read: 

Significant Growth In State-Sponsored Cyber Attacks:

 

« Deactivated Domains Used For Spear-Phishing
Small Business Still Not Ready For Cyber Attacks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Juniper Networks

Juniper Networks

Juniper Networks is the industry leader in network innovation. We provide network infrastructure and network security solutions.

Venafi

Venafi

Venafi is a world-class cyber-security company dedicated to protecting machine identities for our hyper-connected digital economy.

CyberSecurity Malaysia

CyberSecurity Malaysia

CyberSecurity Malaysia is the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI).

European Network for Cyber Security (ENCS)

European Network for Cyber Security (ENCS)

ENCS’s core focus is around educating and solving cyber security challenges in the development and operation of energy grids across Europe.

Hypersecu Information Systems

Hypersecu Information Systems

Hypersecu Information Systems, Inc. is a solution provider dedicated to multi-factor authentication, public key infrastructure and software copyright protection.

Agesic

Agesic

Agesic is an institution that leads the development of the Digital Government and the Information and Knowledge Society in Uruguay.

Open Cloud Factory

Open Cloud Factory

Open Cloud Factory is a European based security company, that strives to ease the pressure on IT managers, by providing tools to implement your Security Strategy in an effective and easy manner.

Exire Technologies

Exire Technologies

Exire Technologies is comprised of a team of professionals who are specialised in cybersecurity and a value added reseller and integrator of ICT security systems.

Take Five

Take Five

Take Five is a national campaign offering straight-forward, impartial advice that helps prevent email, phone-based and online fraud – particularly where criminals impersonate trusted organisations.

Cyber Bytes Foundation

Cyber Bytes Foundation

Cyber Bytes Foundation exists to establish and sustain a unique Cyber Ecosystem to accelerate the development of a strong Cyber workforce and support community outreach programs.

SafeStack Academy

SafeStack Academy

SafeStack Academy is an online cyber security and privacy education platform. Our content is designed by experts to suit small businesses, growing companies, and development teams.

Sollensys

Sollensys

Sollensys is a leader in commercial blockchain applications. Our flagship product, The Blockchain Archive Server™ is the best defense against the devastating financial loss that ransomware causes.

Certihash

Certihash

Certihash have developed the world’s first blockchain empowered suite of information security tools based on the NIST cybersecurity framework.

Anjuna Security

Anjuna Security

Software from Anjuna Security effortlessly enables enterprises to safely run even their most sensitive workloads in the public cloud.

Novem CS

Novem CS

Novem CS are bespoke cyber security specialists providing a highly effective and specialised approach to solving your cyber security challenges.

Proaxiom

Proaxiom

Proaxiom are focused on erasing cyber driven panic paralysis for Small and Medium Enterprises through brilliant cyber technologies which drive productivity and support growth.