Iran tried to hack hundreds of politicians, journalists email accounts last month, warns Microsoft

The Iranian government has attempted to hack into hundreds of Office 365 email accounts belonging to politicians, government officials and journalists last month, Microsoft has warned. “We’ve recently seen significant cyber activity by a threat group we call Phosphorous, which we believe originates from Iran and is linked to …

  1. Mike Shepherd
    Meh

    Iran...

    Goodness! I'm sure the United States wouldn't do that.

    1. Mark 85 Silver badge

      Re: Iran...

      Upvote for a great bit of sarcasm. At least I hope it was.

    2. anonymous boring coward Silver badge

      Re: Iran...

      Fair comment.

      However, Iran is even more sinister than USA when it comes to jailing, and throwing away the key, of any dissidents. I'm sure Trump is jealous of Iran in that regard.

      1. phuzz Silver badge

        Re: Iran...

        "Iran is even more sinister than USA when it comes to jailing, [...] dissidents"

        The US takes a pro-active approach and locks people up as soon as they enter the country. You can never be too young to be a potential dissident!

        1. mutin

          Re: Iran...

          Well, I would suggest being more specific when blaming the US for throwing somebody in a jail. Ever came in the US and got behind bars?

  2. DougS Silver badge

    Iran would probably be as anti-Trump as Russia is pro-Trump

    I'll bet he takes foreign interference more seriously when it is trying to hurt him rather than help him.

  3. Anonymous Coward

    Screw this political BS!

    WTF is wrong with El Reg!? This used to be a place for IT news. I'm done. Third article with spin today. I'm out.

    1. Mark 85 Silver badge

      Re: Screw this political BS!

      Hmm... 4 comments and your account started today. Don't let the door hit you in the ass.

      If Iran hacking isn't IT news then what is? The latest Apple shiny?

      1. BrownishMonstr

        Re: Screw this political BS!

        I'm rather curious, how do you know his account was created today and that was his fourth comment?

        I thought, as AC, such information wasn't publicly available, unless you're either an El Reg employee with access to such information, or part of the Iranian Government who has hacked The Register.

        Perhaps, even, you are part of another nation who has hacked The Register to...<MESSAGE INTERCEPTED>

        1. Mark 85 Silver badge

          Re: Screw this political BS!

          "I'm rather curious, how do you know his account was created today and that was his fourth comment?"

          Apparently, he's killed his account. He wasn't AC when I responded.

          1. BrownishMonstr

            Re: Screw this political BS!

            Super interesting, for some reason I had assumed The Register would state the account was deleted--perhaps I am confusing it with some other News website. Yes, yes, I know. Treachery.

      2. robbo1100

        Re: Screw this political BS!

        well said

    2. anonymous boring coward Silver badge

      Re: Screw this political BS!

      Spin?

      Lol!

      Government hacking citizens to keep them down is now "spin"?

      Who pays you to comment?

    3. anothercynic Silver badge

      Re: Screw this political BS!

      In the immortal words of Alaska Thunder*ahem*: Byeeeeeee!

  4. Anonymous Coward

    Flock of Seagulls

    Iran so far away....

    1. vtcodger Silver badge

      Re: Flock of Seagulls

      Pretty much everywhere is your neighbor in cyberspace. I find it hard to get worked up about email hacking. If you're doing stuff you shouldn't be doing using email, figure out how to use encryption for heaven's sake.

      But when some bunch of ninnies in Washington or Moscow or Peking or somewhere else aggravate Iran or Taiwan or North Korea or the Grand Duchy of Fenwick into actual cyberwar, the cyber warriors are not going to stop at turning all the digitally controlled traffic lights in North America permanently green. They are going to try to turn off your and my electricity and drive every vehicle that does over the air software updates into the nearest structure and shut down air traffic control with hundreds or thousands of planes left to figure out how to land safely with no coordination and do all manner of harm to all the poorly planned infrastructure unwisely hung off the internet.

      I suppose that we really should be more concerned than we are.

      1. Pascal Monett Silver badge

        Re: If you're doing stuff you shouldn't be doing using email

        And what exactly is a journalist not supposed to be doing ?

        His job ?

      2. doublelayer Silver badge

        Re: Flock of Seagulls

        "I find it hard to get worked up about email hacking."

        Then maybe you should think a little more about what email hacking lets you do. First, it lets you target specific people and look at their communications, including those that might be private. We're talking private because they contain sensitive information, not necessarily because they reveal unethical activity. For journalists, that might be the identity of a source. For Iranians living outside Iran, it might be the name of someone inside Iran they care about. For politicians, whether they are likely to support laws the hackers don't like. For a candidate in a campaign, the strategy they're planning to use to challenge their opponent. There's a lot you can do with that kind of information.

        But there's a lot more you can do with an email. You can impersonate that person quite easily. You could of course have spoofed their address without having to access their mailbox. But with that access, you don't have to do that; anyone who checks thoroughly will still think the message came from their mail system because it did. Having read the messages they send, you can better imitate their style, making your message more convincing. And you can intercept replies to your message, hide them from the actual user, and reply to them at your convenience.

        Have you considered that the more strenuous attacks you mention probably have an email attack as one of their components? It is always possible that [insert group of evil people] have found a device on the internet that they can access and it lets them turn the power off. Given the security of these systems, it's likely there exist a few things of that nature. But you still have to find them, gain access without arousing suspicion, and understand how they work. Meanwhile, it might also be a little useful to gain access to the email of one of the engineers of the company and watch for technical documentation. Now you know how the system works. If you don't have access to the system yet, the credentials you just stole from the email probably help. And if the system either doesn't have an insecure thing online or you haven't found one, your access to the internal email gives you the option to get some malware in. Many targeted attacks begin in just this manner. Usually, it's by spear phishing for credentials or malware installation, but then it immediately turns to email compromise.

        If you can't see that email attacks can be quite dangerous, you might need to think about it more.

        1. kmedcalf

          Re: Flock of Seagulls

          But these people are using Outlook 247. This is not known for being a secure operation. Anyone who wanted to keep their e-mail private would already not be using Outlook 247.

          So this is all just balderdash. It is about a bunch of ninnies who do not value privacy at all having their privacy violated.

          So, who really gives a crap?

          1. anonymous boring coward Silver badge

            Re: Flock of Seagulls

            "So, who really gives a crap?"

            Those who will be dangling from Iranian cranes, perhaps? And their families. And the oppressed people? But not you, obviously. You have more important things to do - such as telling off people who give a crap. And then one day your world falls apart around you, because you didn't give a crap. Enjoy.

      3. Anonymous Coward

        Re: Flock of Seagulls

        What’s your point and where’s “the content” in those two paragraphs? Something about you?

      4. Anonymous Coward

        Re: Flock of Seagulls

        The Grand Duchy of Fenwick?

        Don't you mean the Third Duke of Wybourne, with his reputation?

        1. Julz Bronze badge

          Re: Flock of Seagulls

          Did his mouse roar too?

  5. Crazy Operations Guy Silver badge

    "why it believes the Iranian government is behind the hacks"

    "The company did not go into any detail over why it believes the Iranian government is behind the hacks beyond noting that those targeted included “prominent Iranians living outside Iran.” "

    I would imagine other nations, and not just Iran, would also want to spy on prominent Iranians living abroad. Like seeing if they can be mined for useful information that could damage Iran, use them for propaganda, implicate them as spies operating on behalf of Iran, and so on.

    It could even be someone else trying to make the attack appear to have come from Iran to remove suspicion from themselves. Or to stoke tensions between the US and Iran. There are a lot of entities that would benefit from continued tensions between the two nations.

    It's equally possible that it really is Iran and they got caught trying to open the cookie jar, but it could also be another nation that doesn't want the US and Iran to be on good terms. For instance, Airbus stands to make billions of dollars selling aircraft to Iran, made easier by ensuring that Boeing is locked out of the sale. Saudi Arabia would stand to lose a lot of money if Iranian Oil were to flood the US market. Israel wouldn't mind if the US eliminated / destabilized Iran.

    I'm saying that any of those are even realistic possibilities, but just that there are a lot of entities that would be motivated to carry out such an attack.

    1. Anonymous Coward

      Re: "why it believes the Iranian government is behind the hacks"

      @Crazy Operations Guy

      Clearly you haven't read the script on which nation is today's bad guy.

      Although with the US shortly starting a trade war with Europe, we may be tomorrow's bogie man. Now who could possibly benefit from that...?

      Maybe WW3 has already started.

      1. Crazy Operations Guy Silver badge

        Re: "why it believes the Iranian government is behind the hacks"

        "Clearly you haven't read the script on which nation is today's bad guy."

        I haven't, but then who has the time? It seems like every day the US has a new enemy, or new former-enemy-but-now-an-ally. Like apparently Saudi Arabia is now the US's ally even though they were threatening to go to war because they were "Funding terrorism".

        At this point, might as well consider every nation an enemy to the US, even the US itself.

        1. Anonymous Coward

          Re: "why it believes the Iranian government is behind the hacks"

          Correct.

          It's called perpetual war.

          Also known as US foreign policy.

        2. Archtech Silver badge

          Re: "why it believes the Iranian government is behind the hacks"

          We have always been at war with Eastasia.

        3. paulll Bronze badge

          Re: "why it believes the Iranian government is behind the hacks"

          *especially* the US itself.

      2. Anonymous Coward

        Re: "why it believes the Iranian government is behind the hacks"

        “Maybe WW3 has already started.” Some knowledgeable people seem to think so

      3. phuzz Silver badge

        Re: "why it believes the Iranian government is behind the hacks"

        "Clearly you haven't read the script on which nation is today's bad guy."

        You could pick up any script from the last thirty years and Iran would still be a baddie. The US government has had a hate-on for them since their friendly Shah was deposed.

    2. anonymous boring coward Silver badge

      Re: "why it believes the Iranian government is behind the hacks"

      Most weird conspiracy theories only serve to muddy the waters.

  6. sbt Silver badge
    FAIL

    Publicly encouraging foreign powers to hack didn't prevent Trump's election

    Of course there were many other deeply disturbing public comments that didn't harm him, either. There's clearly a lot of cognitive dissonance going on amongst Republicans.

    I disagree with a lot of Trump's policies (particularly foreign policies), but much more so his ham-fisted approach (c.f. Iran's nuclear program) and general incompetence (c.f. burning allied intelligence service assets (the Israelis', no less!) to the Russians). Even when impeachment fails in the Senate, the foregoing criticisms will stand.

    Sad!

    1. Archtech Silver badge

      Re: Publicly encouraging foreign powers to hack didn't prevent Trump's election

      When Washington is attempting to deceive and wreak harm abroad, I much prefer its executives to be ham-fisted.

      Before Trump, they usually worked by devious methods and the vast majority of Western citizens were completely oblivious to the terrible harm they did.

      1. sbt Silver badge
        Unhappy

        Bad at being bad is better

        Agreed to some extent; at least the incompetent ones get caught out. But the resulting distraction, embarrassment and partisan sh*t-fight is also damaging to the trust of citizens and allies alike. And much diplomatic harm can be done by the executive cronies without congressional oversight via mere public statements particularly when they're inconsistent, hypocritical or patently false.

        1. Bruce Ordway

          Re: Bad at being bad is better

          "Bad at being bad.."

          I used to work in a department where we subscribed to the theory of "Inverse Incompetency".

          Where a person incorrectly arrives at some belief/concept, sets out to achieve a result but executes the plan so poorly that some opposite and totally correct result is achieved.

          Usually referenced when explaining how upper management survived some adventure.

          But.... even applied to me on occasion.

          1. Jimmy2Cows Silver badge
            Pint

            Re: Inverse Incompetency

            I like it, and will steal it accordingly.

            1. Archtech Silver badge

              Re: Inverse Incompetency

              "You will, Oscar, you will".

  7. Twanky Bronze badge
    Unhappy

    From the closing paragraph of the article...

    '...hostile nations are investing significant energy and resources into disrupting American elections by stealing and weaponizing private information.'

    FTFY

    It's not just nation states stealing the private information and it's not just politically active people being targeted. Why were 'we' so complacent as to allow such insecure services to become so critical to our political, business and private lives?

    1. Pascal Monett Silver badge

      Because convenience, lack of awareness or lack of caring, and all of the above.

      We have sleepwalked into a surveillance state and the state had nothing to do with it.

    2. Jellied Eel Silver badge

      Re: From the closing paragraph of the article...

      "It's not just nation states stealing the private information and it's not just politically active people being targeted. Why were 'we' so complacent as to allow such insecure services to become so critical to our political, business and private lives?"

      Or, why have we allowed security services to become so critical to our political lives? Apparently the whistleblower who started the impeachment process was a registered Democrat. Who may or may not have helped Adam Schiff create his 'parody' account of Trump's phone call with the Ukrainian president. But he's just chair of the House Intelligence Committee, so making stuff up goes with the territory. Or, as the BBC puts it..

      https://www.bbc.co.uk/news/world-us-canada-49942394

      "We deeply regret that President Trump has put us - and the nation - in this position, but his actions have left us with no choice but to issue this subpoena," the Democrats wrote in a letter to the White House.

      Or the Democrats might deeply regret the position the Bidens put them in by creating real or apparent conflicts of interest around Ukraine. I'm not sure if the Dems have decided to do a Bernie on Biden and decided to cripple his chances of winning in preference for another Democrat runner, but it's an odd situation. It also demonstrates how polarised politics has become, ie the way parts of the media insist that allegations around the Bidens are just conspiracy theories rather than something that should be investigated properly.

      1. Anonymous Coward

        "Apparently the whistleblower"

        Your single sentence before that was relevant. Everything after that was throwing mud. *Can* you see the difference?

        1. Kabukiwookie Silver badge

          Re: "Apparently the whistleblower"

          It's not just slinging mud if it's factually correct.

          Is Trump corrupt and dodgy as hell? Yes. And he could be impeached over dozens of conflicts of interest that shows he's corrupt.

          Yet in this case it actually looks like Trump did try to 'clean the swamp' (of course for his own benefit).

          His followers will grab on to that and he will hammer Biden to the wall, since even if his son who started his job with Burisma was not corruption, it has the smell of corruption, because Biden was VP and the US was helping Poroshenko get into power.

          If your coke snorting son with no previous experience in the energy market gets a 50k/m job in the country where you just helped overthrow the previous government, that smells of corruption.

          If the Dems try to nail Trump down on just this issue, they'll get their ass handed back to them. It's almost as if they want this to fail, since they could have tacked on so much more to show that Trump is an idiot.

      2. veti Silver badge

        Re: From the closing paragraph of the article...

        I don't know of anyone who has any objection to the Bidens being investigated. Investigate away. And by all means let the FBI co-operate with its sibling agencies in other countries to get information from them if it needs to.

        But that's not the same as the president of the USA phoning a foreign leader and letting it be known that he wants a particular result to an investigation, as "a favor". It's not in the same ballpark. It's not even the same sport.

        Can you see the difference?

        1. Kabukiwookie Silver badge

          Re: From the closing paragraph of the article...

          Though I think doing this Biden investigation is for the sole benefit of idiot Trump.

          "and letting it be known that he wants a particular result to an investigation"

          This is not correct, it's nowhere in the memorandum that was disclosed. You're regurgitating corporate media talking points, which will actually help Trump, since he can actually point to this being factually incorrect.

          If you want to get rid of Trump stay with the facts, there are already enough factually provable other things to impeach the guy.

          1. anonymous boring coward Silver badge

            Re: From the closing paragraph of the article...

            Look, withholding much needed and earlier promised support in order to get a certain result from an investigation (don't be a fool -a certain result is what's requested) is simple extortion. Extorting a foreign government, or in any other way getting help from a foreign government, to help destroying a national competing politician is illegal. End of.

            All the other whataboutery you can think of is irrelevant. (The whistleblower was a Democrat.. Duhh..)

            1. Kabukiwookie Silver badge

              Re: From the closing paragraph of the article...

              Look, I know that Trump has the effect of activating people's amygdala, but stop for a moment and think about:

              1) The odds of him being impeached just over this ambiguous phone call are slim to non-existent. If it does fail, it will embolden his followers to no end, it even may wind up getting him a second term in office.

              2) Real visible corruption, such as SA princes spending huge amounts at Trump resorts just prior to Trump approving a $10B arms deal seems like a conflict of interest. Along with the pussy grabbing statements, that would make a much better chance for impeachment.

              3) What happens if this, against all odds, does work and Trump is impeached. Instead of Trump, you'll get a president who really believes the planet is 6000 years old and that the second coming of Jesus is nigh. Do you really want someone like that with his finger on the nuclear button?

              I don't know about you, but after 3 years of enduring Trump, what's one more year to kick him out through the ballot box?

      3. anonymous boring coward Silver badge

        Re: From the closing paragraph of the article...

        "Apparently the whistleblower who started the impeachment process was a registered Democrat. Who may or may not have helped Adam Schiff create his 'parody' account of Trump's phone call with the Ukrainian president. "

        You really must get off Fox.. It makes you dumber by the minute.

  8. Archtech Silver badge

    Yet another "highly likely" attribution of blame

    '“We’ve recently seen significant cyber activity by a threat group we call Phosphorous, which we believe originates from Iran and is linked to the Iranian government,” Microsoft’s vice president of customer security and trust Tom Burt said in a blog post on Friday'.

    The significant words are "we believe".

    As usual, no reasons or evidence whatever are adduced for the belief Microsoft is happy to announce.

    Just like MH17, the Skripals, Gaddafi's Viagra, Saddam's WMD, Assad's sarin, Russiagate... and on and on and on. Incidentally, the misspelling "phosphorous" is typically American. Foreigners often speak and write English more correctly.

    Technically, of course, Microsoft is not a part of the US government. It seems, however, that it now acts as if it were - like virtually all the mainstream media, Hollywood, and most of corporate America.

    One pragmatic definition of fascism is a system where the state and the corporations work closely together to further their joint ends.

    1. Mike Moyle Silver badge

      Re: Yet another "highly likely" attribution of blame

      "Incidentally, the misspelling "phosphorous" is typically American."

      Gee... An American company creates a code name to denote a threat and uses an idiomatic spelling (intentionally or un-) for it and you apparently think that there's some sort of a sinister conspiracy about it. As far as we know, it's not the threat group calling itself that, which MIGHT indicate something.

      As Walter Kotschnig said in a 1940 speech at Mount Holyoke College, it's important to keep an open mind, “but not so open that your brains fall out.”

      1. This post has been deleted by its author

        1. GrapeBunch Silver badge

          Re: Yet another "highly likely" attribution of blame

          Phosphorus is the 15th Element, but Phosphorous is also a perfectly good word, and in many instances refers to the Element, say, in the manner of Phosphorus. Neither word is wrong. Now, phos off.

          This advisory brought to you in seconds by any search engine.

  9. Steve Davies 3 Silver badge
    Holmes

    And in other news...

    Microsoft has products and services to sell.

    Instead Microsoft proposes that people used its Authenticator app, which provides a login code that changes every 30 seconds in order to access their accounts.

    Now that's a surprise (not) !

    1. Andrew Dancy

      Re: And in other news...

      To be fair, it's just an implementation of TOTP (so you can use any TOTP app such as Google Authenticator, you don't have to use the Microsoft one). It still means the seed values are known by Microsoft so it's probably not perfect for tinfoil hat types, but it's certainly better than SMS-based authentication which is trivial for a major player to compromise.
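
The TOTP point in the comment above, as an added example that is not part of the thread or any vendor's code: a minimal RFC 6238 generator and verifier in Python, showing that any app holding the seed produces the same 30-second code and that the verifying service must store that same seed. The seed is the published RFC 6238 test key; the function names and the one-step drift window are assumptions for illustration.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30  # seconds per code, the "changes every 30 seconds" interval


def seed_from_base32(text: str) -> bytes:
    """Decode the base32 seed that an enrolment QR code or setup key carries."""
    cleaned = text.replace(" ", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)  # restore padding that apps often strip
    return base64.b32decode(cleaned)


def hotp(seed: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(seed: bytes, unix_time: int, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from the clock."""
    return hotp(seed, unix_time // STEP, digits)


def verify(seed: bytes, submitted: str, unix_time: int, drift_steps: int = 1) -> bool:
    """Server-side check. The server recomputes the code from its own copy of
    the seed, which is why the seed is a shared secret known to both sides."""
    counter = unix_time // STEP
    accepted = False
    for delta in range(-drift_steps, drift_steps + 1):
        if counter + delta < 0:
            continue
        expected = hotp(seed, counter + delta)
        # Constant-time comparison; no early exit across the window.
        accepted |= hmac.compare_digest(expected.encode(), submitted.encode())
    return accepted


# RFC 6238 test key (ASCII "12345678901234567890"), base32-encoded as an
# authenticator app would receive it at enrolment.
RFC_SEED_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def demo() -> dict:
    """Two independent holders of the seed (any app, and the service) agree."""
    app_seed = seed_from_base32(RFC_SEED_B32)   # copy held by the authenticator app
    server_seed = b"12345678901234567890"       # copy held by the service
    now = 59                                    # RFC 6238 test time
    code = totp(app_seed, now)
    return {
        "code": code,
        "accepted_now": verify(server_seed, code, now),
        "accepted_next_step": verify(server_seed, code, now + STEP),
        "accepted_two_steps_later": verify(server_seed, code, now + 2 * STEP),
    }


if __name__ == "__main__":
    print(demo())
```
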

  10. Anonymous Coward

    I object to the lack of apostrophes in this headline

    (see title)

    1. veti Silver badge

      Re: I object to the lack of apostrophes in this headline

      And I object to the lack of the word "and", but here we both are anyway.

    2. GrapeBunch Silver badge

      Re: I object to the lack of apostrophes in this headline

      'Iran'

  11. mutin

    speculation without knowledge is BS

    It would be good to read some comments concerning technical details of this article or MS info or Iran's hacking in general. However, ALL went to whistle rather than moving - political speculations without any real ground. Iran will not help in political games to President Trump and neither Democrats. Both are enemies to Iran. So, hacking was not about US politics, President Trump and stupid attempts to hurt the President basically on nothing. So, the article speculation is pure BS and most of the comments as well. The real purpose was either money or information. The same as China, N. Korea and others alike.


Biting the hand that feeds IT © 1998–2019