MSTIC identifies Iranian Threat Actors Targeting IT Sector

  |  Source: 
Information & Technology

MSTIC identifies Iranian Threat Actors Targeting IT Sector

A report from Microsoft Threat Intelligence Center (MSTIC) has identified an increase of Iranian threat actors targeting the IT sector, specifically service companies, as a means to access downstream customer networks. The report stated, "This activity is notable because targeting third parties has the potential to exploit more sensitive organizations by taking advantage of trust and access in a supply chain." Targeting of the attacks has been identified to compromising organizations of interest to the Iranian regime. The rise in the attacks was observed from Microsoft, prompting  more than 1,600 notifications issued to over 40 IT companies this year in regards to Iranian targeting. This is in comparison to only 48 notifications sent in 2020. Attacks have been observed with DEV-0228 compromising an IT provider in Israel in early July 2021, dumping credentials then pivoting to other organizations within the next two months, compromising other organizations that have strong relations with the initial compromised IT company.


Get trending threats published weekly by the Anvilogic team.

Sign Up Now