Iran Caught Using Intermediaries To Hack Israeli Business

Microsoft has disabled attack activity on more than 20 OneDrive accounts that abused the file hosting service to carry out cyber attacks on Israeli companies across numerous industries, including defense and financial services.

Microsoft has now disclosed the organisation behind the attacks, which it has named “Polonium.” The group is based in Lebanon and is most likely working in collaboration with Iran’s Ministry of Intelligence and Security (MOIS). “Such collaboration or direction from Tehran would align with a string of revelations since late 2020 that the government of Iran is using third parties to carry out cyber operations on their behalf, likely to enhance Iran’s plausible deniability,” Microsoft said.

Polonium has targeted organisations previously targeted by Mercury, an identified “subordinate element” within MOIS, and has used similar tactics to those of Iranian cyber groups “Lyceum” and “CopyKittens.” Microsoft suggested that these factors point to possible “hand-off” operations, whereby MOIS provides Polonium with access to previously compromised victim environments in order to execute new activity.

“Multiple manufacturing companies they targeted also serve Israel’s defense industry, indicating a Polonium tactic that follows an increasing trend by many actors, including among several Iranian groups, of targeting service provider access to gain downstream access,” Microsoft said in a statement.

Iran has conducted many cyber attacks around the world, affecting the US, Europe and Israel. The targets have included organisations in the manufacturing, IT, transportation, defense, government, agriculture, financial, and healthcare sectors.

Microsoft has previously fended off several Iranian-linked cyber attacks on Israeli organisations, including in October 2021, when it announced that hackers from Iran had got into US and Israeli defense technology companies. In one incident, an IT company was used to target a downstream aviation company.

Israel's National Cyber Directorate has recently launched a joint venture with the Communications Ministry to strengthen national cyber security. These reforms require firms to purchase cutting-edge cyber security technology to identify, contain and recover from potential cyber attacks, as well as to create internal measures to show the cyber security efforts they take.

Sources: Microsoft, Times of Israel, Al Arabiya, i24, Hacker News, National Cybersecurity News, The Record
