Caught in the Iranian War crossfire: Big Tech, Microsoft and Windows

Iran’s most potent weapon in the war with the United States is pretty clear: attack the world’s oil and gas infrastructure by closing off access to the Strait of Hormuz. But Big Oil isn’t the only industry Iran is aiming for — it’s also attacking Big Tech. And that includes Microsoft, which is directly in Iran’s cross-hairs. The longer the war goes on, the more likely it is that Iran will hit Microsoft in big ways and small.

Microsoft and tech giants such as Google, Amazon, OpenAI and others are vulnerable because Persian Gulf countries have been among the world’s most aggressive investors in AI and in the massive infrastructure needed to support AI data centers — all those cloud services and multi-gigawatt power-generating plants at the heart of the current boom.

Gulf countries have gone all in on AI for several reasons. They’re looking to invest profits from oil and gas sales, and figure AI is a good bet. Their electric costs are cheaper than in the US — five cents per kilowatt hour in Bahrain and Saudi Arabia and three cents per kilowatt hour in Qatar versus 18 cents per kilowatt hour in the United States. And they want to find an alternative to oil revenues; over the long term, oil will likely be replaced with more sustainable forms of energy.

Microsoft has been part of that investment scene. In just one example, it partnered with G42, , a United Arab Emirates-based company which The New York Times notes, “is building an artificial intelligence industry as an alternative to oil income.” The deal was brokered in part by the Biden Administration. Since then, however, US President Donald J. Trump has been helping tech companies, including Microsoft, make other big deals as well. 

Microsoft’s facilities at risk in the Middle East 

As a result, Microsoft now has a sprawling presence throughout the Gulf, Israel and Middle East that is vulnerable to drone and missile attacks. In mid-March, after the data center of an Iranian bank was attacked by air, Iran threatened to attack holdings of American tech firms, including Microsoft and others.

It listed the holdings it might go after, including Microsoft cloud and data center infrastructure in Israel, the United Arab Emirates (UAE) and Bahrain, as well as corporate offices in Israel and the UAE. Microsoft has far more facilities than that in the Middle East that could also eventually be targeted.

Microsoft hasn’t yet been hit directly by Iran. But Amazon has been — with drone attacks on Amazon Cloud Services in data centers in the UAE and Bahrain, causing emergency shutdowns, fires, and service outages. Iran’s state-run media said it attacked the centers because they directly supported the US and Israel’s war efforts.

(There’s been no evidence so far that Microsoft cloud or data center infrastructure is being used in the war, and Microsoft has made no statements about whether that’s the case.) 

Iranian hackers target Windows

In another avenue of attack, Iranian hackers have been behind cyberattacks against US companies – and they’ve used security holes in Windows to do so.

The largest known attack was on the giant medical tech firm Stryker. The Iranian hacker group Handala claimed that in the attack it completely wiped more than 200,000 servers and other devices, which forced Stryker to close its offices in 79 countries. The hackers also claimed to have stolen 50TB from Stryker systems. 

The group apparently created a Global Administrator account in Microsoft Intune, Microsoft’s cloud service for managing and securing devices, and used that account to launch the attack.

Security firm Tenable warns that there’s an even more dangerous Microsoft-related security hole that hasn’t been publicized that could spell larger problems for companies. “Tenable’s exposure data analysis across seven target countries reveals that the largest exploitable attack surface isn’t the headline threat, it’s a Microsoft Word N-day affecting nearly 14 million assets,” the company said.

More troubling still, Tenable claims that even after the war is over, the threat will remain:  “The access obtained during these weeks will persist in networks for months or years after a ceasefire.”

The hacking danger doesn’t directly harm Microsoft today, but it could lead to a long-term weakening of the trust enterprises put in it and its products. 

The longer this goes on…

The longer the war lasts, the more likely it is that Microsoft infrastructure in the Persian Gulf and throughout the Middle East might be hit — and the more likely that hackers will hit companies that use Microsoft technologies throughout the world.

Microsoft is finding out the hard way that although Trump’s reign may bring short-term benefits to it and other tech companies, in the long term, his actions in this war will only hurt the company.