ZDNet noted that a well-known Iran-backed hacking team, APT33, exploited the same vulnerability in December to install backdoors on servers and immediately pass the bug on to Outlook users. Brandon Levene of Chronicle Security also found that Cyber Command's code samples were related to APT33's Shamoon malware, which deletes disks. Symantec had also warned of increased activity by the group in recent months.
If it is Iran and not a better-known perpetrator such as Russia, this indicates that political tensions are moving directly into the digital realm. The US is said to have put Iran's missile systems out of action with a cyberattack in late June. While this Outlook campaign is not necessarily direct retribution for the missile effort, it is hard to imagine that Iran will do nothing in response.