Iranian Hackers Have Hit Hundreds of Companies in Past Two Years

Cyberattack campaign has caused damages estimated at hundreds of millions of dollars, focusing on Middle East but also affecting U.S.

Cyberattacks linked to Iranian hackers have targeted thousands of people at more than 200 companies over the past two years, Microsoft Corp. MSFT 0.04% said, part of a wave of computer intrusions from the country that researchers say has hit businesses and government entities around the globe.

The campaign, the scope of which hadn’t previously been reported, stole corporate secrets and wiped data from computers. It caused damages estimated at hundreds of millions of dollars in lost productivity and affected oil-and-gas companies, heavy-machinery manufacturers and international conglomerates in more than a half-dozen countries including Saudi Arabia, Germany, the U.K., India and the U.S., according to researchers at Microsoft, which deployed incident-response teams to some of the affected companies.

“These destructive attacks…are massively destabilizing events,” said John Lambert, the head of Microsoft’s Threat Intelligence Center.

Microsoft traced the attacks to a group it calls Holmium. It’s one of several linked by other researchers over the past year to hackers in Iran, a country that many security researchers say aspires to join Russia and China as one of the world’s premier cyber powers. Some of Holmium’s hacking was done by a group known as APT33, Microsoft said.

In the past, Iran has denied involvement in such cyberactivity. A spokesman for Iran’s mission to the United Nations didn’t return messages seeking comment.

More From The Wall Street Journal (subscription required):