Microsoft says Iran is stepping up attacks on IT sector

Company says hackers can access supply chains via third-party backdoors.
January 2018 photo of Tehran, Iran

Microsoft says that Iranian agents are stepping up attacks on the IT sector, potentially as a means of gaining access to more sensitive networks via unsecured third parties.

"Iranian threat actors" are "increasing attacks against IT services companies as a way to access their customers’ networks," the technology company said in a blog post this week.

"This activity is notable because targeting third parties has the potential to exploit more sensitive organizations by taking advantage of trust and access in a supply chain," according to the post Wednesday.

"To date this year, Microsoft has issued more than 1,600 notifications to over 40 IT companies in response to Iranian targeting, compared to 48 notifications in 2020," Microsoft also said, calling it "a significant increase from years past."

Most of the targeting "is focused on IT services companies based in India, as well as several companies based in Israel and United Arab Emirates," the company said.

Microsoft suggested several steps for securing databases from attack, including implementing multi-step authentication and “[blocking] all incoming traffic from anonymizing services where possible.