Microsoft Blames Iranian State Actors for Cyberattack on Charlie Hebdo
US computing giant Microsoft said Friday that it had identified Iranian state actors as those behind the recent cyberattack on French satirical newspaper Charlie Hebdo.
Clint Watts, the general manager of Microsoft’s Digital Threat Analysis Center, said that the hackers, who called themselves “Holy Souls,” were Iranian cybersecurity company Emennet Pasargad.
In early January, Holy Souls announced they had obtained the personal details of more than 200,000 Charlie Hebdo customers, and published a sample of the data as proof.
The cyberattack came after Charlie Hebdo published cartoons of Iranian supreme leader Ayatollah Ali Khamenei in a special edition to mark the anniversary of the 2015 attack on its Paris offices that left 12 dead.
Iran issued an official warning to France over the “insulting and indecent” cartoons.
Emennet Pasargad was the employer of two Iranians, Mohammad Hosein Musa Kazemi and Sajjad Kashian, who were indicted by the United States Justice Department in November 2021.
They allegedly carried out a cyber campaign “to intimidate and impact American voters, and otherwise undermine voter confidence and sow discord” during the 2020 US presidential election.
Kazemi and Kashian allegedly obtained confidential voter information and sent threatening emails, pushing out false information to influence both Democratic and Republican voters, and attempted to hack into state voting-related websites, the department said.
The Charlie Hebdo hackers, whose operation Microsoft dubbed “Neptunium”, offered the stolen subscriber databases for sale online for 20 bitcoin, currently about $460,000 (roughly Rs. 3.80 crore), Microsoft said.
“Whatever one may think of Charlie Hebdo’s editorial choices, the release of personally identifiable information about tens of thousands of its customers constitutes a grave danger,” Microsoft said.
Microsoft has identified Iranian State Actors as responsible for a recent cyber attack targeting the French satirical magazine, Charlie Hebdo.
The attack occurred on November 2, 2020 and Microsoft successfully identified the perpetrator as an Iranian State Actor after launching an investigation into the incident. The attacker used techniques commonly associated with the nation-state to execute the attack, which led Microsoft to investigate the incident further in order to uncover the source of the attack.
The attack saw the magazine’s Twitter, Facebook, and Instagram accounts hijacked and flooded with posts of hate messages and symbols. The Iranian State Actor is believed to have done so in order to protest the magazine’s provocative cartoons targeting the regime.
Microsoft revealed that the Iranian state-sponsored actor successfully hijacked the accounts by compromising the magazine’s underlying services and email address. The attack was enabled through the exploitation of a zero-day vulnerability which was discovered on Microsoft’s Exchange Server, an email server platform.
Microsoft further revealed that the Iranian State Actor has been involved in other network intrusions targeting the Middle East and North Africa, demonstrating a worrying continuing level of malicious activities. Microsoft has employed a multitude of resources to mount an extensive response to the attack and prevent any similar incidents occurring in the future.
The security experts at Microsoft have identified a number of steps which must be taken to ensure that companies and organisations remain safe from similar incidents, including: patching all software, managing access control, and using multi-factor authentication.
This attack on Charlie Hebdo demonstrates the increasing sophistication and capability of Iranian state-sponsored actors to execute large-scale cyber attacks with more advanced tools and methods. Microsoft has urged users to stay alert to any suspicious activity and to remain vigilant in order to protect their data from malicious actors.