Skip to main content

Iranian Hackers Have Been ‘Password-Spraying’ the US Grid

posted onJanuary 10, 2020
by l33tdawg
Wired
Credit: Wired

In the wake of the US assassination of Iranian general Qasem Soleimani and the retaliatory missile strike that followed, Iran-watchers have warned that the country could deploy cyberattacks as well, perhaps even targeting US critical infrastructure like the electric grid. A new report lends some fresh details to the nature of that threat: By all appearances, Iranian hackers don't currently have the capability to start causing blackouts in the US. But they’ve been working to gain access to American electric utilities, long before tensions between the two countries came to a head.

On Thursday morning, industrial control system security firm Dragos detailed newly revealed hacking activity that it has tracked and attributed to a group of state-sponsored hackers it calls Magnallium. The same group is also known as APT33, Refined Kitten, or Elfin, and has previously been linked to Iran. Dragos says it has observed Magnallium carrying out a broad campaign of so-called password-spraying attacks, which guess a set of common passwords for hundreds or even thousands of different accounts, targeting US electric utilities as well as oil and gas firms.

A related group that Dragos calls Parisite has worked in apparent cooperation with Magnallium, the security firm says, attempting to gain access to US electric utilities and oil and gas firms by exploiting vulnerabilities in virtual private networking software. The two groups' combined intrusion campaign ran through all of 2019 and continues today.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th