Microsoft: Attacks on Israel Mostly Exaggerated and Fabricated

Pro-Iranian hacktivists have made false claims on the strength of attacks made against Israel in the current conflict, while government agencies did not conduct pre-planned cyberattacks.

According to Microsoft, any claims of ransomware attacks by the groups "were almost certainly fabricated." Also Iranian actors claimed they successfully compromised cameras at a specific Israeli military installation, when it was revealed to be a compromise of connected webcams.

"In reality, the compromised cameras were located at scattered sites outside any one defined region" Microsoft said. "This suggests that despite Iran actors’ strategic claims, this camera example was ultimately a case of adversaries continuing to opportunistically discover and compromise vulnerable connected devices and try to reframe this routine work as more impactful in the context of the current conflict."

Microsoft's Threat Intelligence also said the success of network attacks have been exaggerated, and amplified "via a well-integrated deployment of information operations."

Also, neither the Iranian Ministry of Intelligence and Security (MOIS) nor Islamic Revolutionary Guard Corps (IRGC) had coordinated any attacks to align with the physical attack on Oct 7, Microsoft claimed. In fact, two separate "destructive attacks targeting infrastructure in Israel" were apparently conducted on Oct, 18. Details of these attacks were not detailed.

Microsoft Threat Intelligence anticipates that the longer the conflict goes on, the more likely it is Iranian operators will move from a reactive posture to more proactive activities.