Microsoft Links Iran’s Phosphorus Group To Hacking Attempt Of Munich Security Conference

Asso­ci­at­ed Press (AP) has report­ed that Microsoft has linked an Iran­ian hack­ers group to an attempt to break into per­son­al e‑mails accounts of the atten­dees of a high pro­file inter­na­tion­al secu­ri­ty con­fer­ence. Accord­ing to the report, the group known as “Phos­pho­rus” tried to hack atten­dees of the Munich Secu­ri­ty Con­fer­ence – a promi­nent annu­al con­fer­ence which brings togeth­er inter­na­tion­al secu­ri­ty pol­i­cy decision-makers:

Octo­ber 28, 2020 Microsoft says Iran­ian hack­ers have posed as con­fer­ence orga­niz­ers in Ger­many and Sau­di Ara­bia in an attempt to break into the email accounts of “high-pro­file” peo­ple with spoofed invitations…The tech com­pa­ny said Wednes­day it detect­ed attempts by the hack­ing group it calls Phos­pho­rus to trick for­mer gov­ern­ment offi­cials, pol­i­cy experts and academics..The tar­gets includ­ed more than 100 promi­nent peo­ple invit­ed by the hack­ers to the Munich Secu­ri­ty Con­fer­ence, which is attend­ed by world lead­ers each Feb­ru­ary, and the upcom­ing Think 20 Sum­mit, which begins lat­er this week in Sau­di Ara­bia but is online-only this year.

Read the rest here.

In Octo­ber, the Glob­al Influ­ence Oper­a­tions Report (GIOR) report­ed on cyber-attacks detect­ed by Microsoft tar­get­ing the per­son­al accounts of peo­ple asso­ci­at­ed with the Don­ald Trump Pres­i­den­tial cam­paign and which iden­ti­fied Phos­pho­rus among the attack­ers. Fur­ther report­ing on Iran­ian involve­ment in cyber­at­tacks has included:

• A report on crim­i­nal charges raised against Iran­ian hack­ers, includ­ing the van­dal­ism of US websites.

• A report on the lat­est DHS Home­land Threat Assess­ment that failed to iden­ti­fy Iran­ian efforts direct­ed at the elections.

• A report that nation­al secu­ri­ty offi­cials had accused Iran of try­ing to inter­fere with the upcom­ing US elec­tions by send­ing vot­ers fake emails intend­ed to look like they had been sent by the Proud Boys, a far-right, pro-Trump group.

• A report that the US Depart­ment of Jus­tice had seized 92 inter­net domains said to be used by Iran’s Rev­o­lu­tion­ary Guard as part of a glob­al dis­in­for­ma­tion campaign.