Microsoft Exposes Utilization Of AI Tools By State-Backed Hackers
State-backed hackers from Russia, China, and Iran have been leveraging tools developed by Microsoft-backed OpenAI to enhance their cyber espionage capabilities.
State-backed hackers from Russia, China, and Iran have been leveraging tools developed by Microsoft-backed OpenAI to enhance their cyber espionage capabilities.
Microsoft disclosed on Wednesday that hacking groups affiliated with entities such as Russian military intelligence, Iran's Revolutionary Guard, and Chinese and North Korean governments had been utilizing large language models, a form of artificial intelligence, to refine their hacking techniques. The models utilize extensive text data to generate responses that closely resemble human language.
In response to the findings, Microsoft has imposed a blanket ban on state-backed hacking groups from accessing its AI products, regardless of any legal or terms of service violations. According to Tom Burt, Microsoft's Vice President for Customer Security, the company aims to prevent threat actors from exploiting this technology for malicious purposes.
While Russian, North Korean, and Iranian diplomatic officials have not yet commented on the allegations, China's US embassy spokesperson Liu Pengyu rejected the accusations.
Microsoft further detailed various ways in which such hacking groups utilized large language models, including research on military technologies, spear-phishing campaigns, and crafting convincing emails to deceive targets.
Earlier this year, Microsoft warned that Russia, Iran, and China are likely to plan to influence the upcoming elections in the United States and other countries in 2024. Microsoft's Threat Analysis Center also confirmed that Iran has intensified its cyberattacks and influence operations since 2020.
The two, Edman Nafrieh (Adman Nafariyeh) and Ali Bayandarian, collaborated with Parsargad Bank to sell millions of dollars' worth of Iranian oil illegally, a common practice for the Islamic Republic meant to circumvent the US sanctions on its oil industry and banking sector.
The operation allegedly took place under the auspices of the Headquarters of Imam's Directive (Executive Headquarters of Imam's Order or simply Setad), a parastatal organization under direct control of the Supreme Leader. A committee known as the "Cover Committee," which includes key figures of Iran’s Supreme National Security Council purportedly issued credit lines to intermediaries for bypassing sanctions.
The Islamic Republic has numerous mechanisms in place through a wide range of entities and organizations to sell its oil via third parties to evade sanctions. The country has also started giving oil to state organizations, including the IRGC, as a way to boost their budgets without actually allocating any money to them. Such operations are usually carried out by a network of state bodies and businesspeople with close ties to the regime, who usually gain huge profits in the process. However, with every new administration in office, former assets become a liability and bear the brunt of the political games of the regime.
Edman Nafrieh, 43, who lives in an upmarket part of Tehran, is one of such businesspeople who were trusted by the Setad to sell Iranian oil. His real name, Arman, was changed to Adman in 2007 and later to Adrian, as he gradually whitewashed his Iranian origins. Finally in January last year, he changed his last name to Touran to complete his more Western cover image. Through a network of companies active in the field of energy in Tehran and Dubai, Nafrieh is still active in illegal sales of Iran’s oil as well as bitumen industry.
In one case in 2019, two senior figures of the cover committee – Yahya Alavi and Mohammad Mirmohammadi -- requested Parsargad Bank to issue a $500 million bank guarantee in the name of Nafrieh to sell the oil, which was under the control of the Setad. Apparently, he never paid back about $300 million of the oil sale proceeds.
He was designated by the US in November 2022 along with five other people and 17 entities in a crackdown on a sanctions evasion network that provided support to Iran’s proxy in Lebanon Hezbollah and the Islamic Revolutionary Guard Corps-Qods Force (IRGC-QF).
Ali Bayandarian, another member of the Setad’s oil smuggling network, was also sanctioned by the US in January 2020 as Washington designated four companies accused of purchasing Iranian oil and petrochemical products. Bayandarian was designated over his links to the companies.
Documents leaked by a cyberattack on the Iranian parliament’s media arm on Tuesday revealed the parliament's coordination with designated Iranian entities and individuals to facilitate their trade activities and conceal their identities and connections from international regulatory bodies.
Nafrieh and Bayandarian are just small cogs in Iran’s huge network in charge of keeping the flow of oil revenues around global sanctions.
Iran’s oil exports have been increasing in recent years, from a low of less than 500,000 barrels per day after the US re-imposed sanctions on Iran in 2019 to as high as over 1,500,000, a rise that regime officials attribute to measures to bypass the punitive measures rather than an honest interaction with the world.
One of the most well-known cases was former tycoon Babak Zanjani, who now faces execution for embezzling the proceeds of oil sales totaling around $3.5 billion. Zanjani was arrested and convicted in 2013 after Hassan Rouhani was elected president, but has always maintained his innocence and that the death sentence passed was "politically motivated."
Zanjani sold Iranian oil on behalf of the NIOC during President Mahmoud Ahmadinejad's second term (2009-13) through an elaborate network of black-market dealers and money-launderers − particularly in the UAE, Turkey and Malaysia. He was subsequently sanctioned by the Council of the European Union in December 2012 and by the United States Treasury in April 2013.
Among these hardliners, there's notable concern regarding the prospect of Donald Trump making a political comeback. Trump's withdrawal from the 2015 Joint Comprehensive Plan of Action (JCPOA) shattered the hopes of both Iranian hardliners and moderates, who had envisioned reaping benefits from the nuclear deal with the West in exchange for curbing their nuclear ambitions, while expanding their conventional capabilities and regional influence.
Since then, although the Biden Administration has been too kind to Tehran and often turned a blind eye in the face of mischiefs by Tehran, politicians in Tehran still believe that Biden could have done more than giving billions of dollars to Iran in return for releasing US hostages and releasing Iran's frozen assets in South Korea, Iraq and elsewhere.
Supreme Leader Ali Khamenei and his hardline loyalists have little reason to be alarmed by the prospect of President Joe Biden taking tougher action, as they succeeded in convincing his administration to release billions of dollars. They have been led to believe that they can influence the current administration by occasional sabre rattling or by threatening a nuclear escalation, which would be stopped by more concessions from the United States.
Earlier in this week, former Foreign Minister Ali Akbar Salehi implied that Iran has already surpassed the nuclear threshold.
However, the Iranian Parliament's research center warned the country's top officials including Khamenei about the bleak economic implications of Trump's victory in US elections.
Meanwhile, after a eulogist harshly criticized Iran's moderates and particularly former President Hasan Rouhani for spending too much time and resources to revive the 2015 JCPOA nuclear deal, reformist activist Reza Nasri reminded hardliners that if they had allowed the former government to revive the JCPOA during Biden’s presidency, most of its restrictions would have disappeared in due course.
Nasri further cautioned the ruling hardliners that within a year, Iran's nuclear dossier would be revisited at the UNSC, posing a challenging scenario should Donald Trump or Nikki Haley win the US presidential election. While Trump's foreign policy largely revolved around relations with Ukraine and Russia, Haley has consistently adopted a tough stance on Tehran and its leading clerical figures.
Highlighting the potential repercussions, Nasri warned that Iran's UNSC dossier could adversely impact three generations of Iranians.
Conversely, the Majles Research Center highlighted the concerning trend of Iran's diminishing foreign currency reserves over recent years, likening it to a form of economic disarmament. Warning of potential repercussions, the Center cautioned that a return of Trump to the White House could result in more sanctions, and this will be a shock to the financial markets in Iran. Furthermore, Trump has promised to make a deal with Russia and to focus on harnessing China. In this case, China is likely to reduce oil purchase from Iran and this will further shrink Iran's foreign currency reserve.
Furthermore, the Research Center pointed out another implication of Trump's potential return to the White House: challenges in Iran's economic partnership with Russia. Babak Negahdari, Chairman of the Majles Research Center, underscored the current decline in Iran's economy, evident from the situation of industries in the stock market, and emphasized the looming challenges ahead.
For instance, he highlighted a projected $3.7 billion deficit for importing essential commodities, which would require tapping into foreign currency reserves or the Central Bank. Negahdari warned of the likelihood of increased sanctions against Iran and the resultant shock to financial markets under a Trump presidency, suggesting that despite the Biden Administration's tenure, Iran's economic crisis may persist. He cited Iran's growing reliance on the UAE for marine logistics as a potential threat to food security and financial stability, indicating the pressing challenges facing Iran's economic landscape.
