SKeyes Center for Media and Cultural Freedom - Samir Kassir Foundation

Microsoft takes down a cyberattack on security & policy-related conference attendees

Source SKeyes
Thursday , 29 October 2020

On October 28, Microsoft released a blogpost on its website publicly sharing that they located and nullified a set of cyber attacks initiated by an Iranian actor named “Phosphorous”; these attacks primarily targeted ambassadors, senior policy experts, academics, and other officials whom may possibly attend the upcoming Think 20 (T20) conference in the Kingdom of Saudi Arabia and the 2021 Munich Security Conference.

The post hints that this entails a dangerous development given the sensitivity revolving around these two events, with the latter primarily concerned with the security of heads of state, and the former focused on critical policy proposals pertinent to the G20 states. Taking into account the available information, Microsoft’s security team does not believe these particular developments relates to the U.S. elections in any way - instead, the primary motive of the hackers and phishers was data collection.

 

Microsoft’s security team, also dubbed the “Threat Intelligence Information Center”, intercepted and detected faux-invitations forwarded to the potential attendees, some of whom were compromised in the process. The threat actor masqueraded as a conference organizer and sent a well-written email to the participants to inform them of particular remote accommodations to moderate COVID-19-related fears of a live conference.

 

Post-threat precautions

 

In order to counter any negative ramifications following such a violation of digital rights, Microsoft’s security team initially warned all participants of the different risks and informed them of the measures taken vis-à-vis these particular conferences or any other relatable events. The team further stressed on its support for multi-factor authentication as a method through which certain links can be tested for phishing hacks that seek user credentials.

 

Moreover, the team took the initiative to display the emails of the electronic imposters claiming to be organizers for both conferences; they also publicly put forth the domains and links used by the imposters to harvest the necessary information. Following these developments, the blogpost ended with the team’s reiterated and consistent desire to counter any violation of digital rights using adequate technological and legal instruments.

 

A month earlier, the U.S. identified two Iranian hackers supposedly working at the behest of the Iranian government. Such developments are telling of the possible ways in which technological capacity has been instrumentalized as a tool to intercept security and violate digital rights. One, however, ought to be skeptical about whether these ventures involve an explicit political involvement by governments and regimes. In any case, these events confirm the necessity of the conversation which ought to revolve around the very concept of digital rights - this concept has proven to be essential in the formulation of an adequate and fulfilling idea of global citizenship.

Share News