The recent increase in state-backed hacking campaigns shows no sign of diminishing in the short term. US Cyber Command reported that unnamed state actors have made “active malicious use” of a 2017 Outlook vulnerability to escape the sandbox and run malware. Officials did not confirm who was involved, but some clues suggest a connection with Iran.
ZDNet pointed out that an Iranian-backed hacking team, APT33, had used the same vulnerability in December to install servers and push the flaw to Outlook users. Brandon Levene, of Chronicle Security, reported that the Cyber Command code examples appeared to be related to the Shamoon malware. Symantec had also warned about an increase in the group’s activity in recent months.
If it is Iran and not Russia, this suggests that political tensions are being translated directly into the digital domain. The United States is believed to have eliminated Iranian missile and missile systems with a cyber attack in late June, for example. Although this Outlook campaign is not necessarily a direct reprisal for the missile effort, it is hard to imagine that Iran will not do anything in response.
Recently, US military commanders have more often chosen to fight their enemies in cyberspace, where they have an increasingly strong military capability, instead of taking more offensive and costly military actions. The online operations are intended to dissuade Iran from committing further aggression in the shadow war that both countries are beginning to wage.