Iranian Attacks on Industrial Control Systems
New details:
At the CyberwarCon conference in Arlington, Virginia, on Thursday, Microsoft security researcher Ned Moran plans to present new findings from the company’s threat intelligence group that show a shift in the activity of the Iranian hacker group APT33, also known by the names Holmium, Refined Kitten, or Elfin. Microsoft has watched the group carry out so-called password-spraying attacks over the past year that try just a few common passwords across user accounts at tens of thousands of organizations. That’s generally considered a crude and indiscriminate form of hacking. But over the last two months, Microsoft says APT33 has significantly narrowed its password spraying to around 2,000 organizations per month, while increasing the number of accounts targeted at each of those organizations almost tenfold on average.
[…]
The hackers’ motivation—and which industrial control systems they’ve actually breached—remains unclear. Moran speculates that the group is seeking to gain a foothold to carry out cyberattacks with physically disruptive effects. “They’re going after these producers and manufacturers of control systems, but I don’t think they’re the end targets,” says Moran. “They’re trying to find the downstream customer, to find out how they work and who uses them. They’re looking to inflict some pain on someone’s critical infrastructure that makes use of these control systems.”
It’s unclear whether the attackers are causing any actual damage, or just gaining access for some future use.
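For defenders, the password-spraying pattern described above (a few common passwords tried across many accounts) shows up in sign-in logs as wide, shallow failure counts. The sketch below is an added example, not code from the article or from Microsoft; the log format, the documentation-range IP addresses and the thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sign-in events: timestamp, source IP, account, result.
SAMPLE_LOG = """\
2019-11-20T09:00:01Z 203.0.113.7 alice FAIL
2019-11-20T09:00:03Z 203.0.113.7 bob FAIL
2019-11-20T09:00:05Z 203.0.113.7 carol FAIL
2019-11-20T09:00:07Z 203.0.113.7 dave FAIL
2019-11-20T09:00:09Z 203.0.113.7 erin FAIL
2019-11-20T09:00:11Z 203.0.113.7 frank OK
2019-11-20T09:05:00Z 198.51.100.4 alice FAIL
2019-11-20T09:05:02Z 198.51.100.4 alice FAIL
2019-11-20T09:05:04Z 198.51.100.4 alice FAIL
2019-11-20T09:05:06Z 198.51.100.4 alice FAIL
2019-11-20T09:10:00Z 192.0.2.15 grace FAIL
2019-11-20T09:10:20Z 192.0.2.15 grace OK
"""

def parse(log):
    """Yield (source, account, ok) tuples from whitespace-separated lines."""
    for line in log.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip blank or malformed lines
        _, source, account, result = fields
        yield source, account, result == "OK"

def find_spraying(events, min_accounts=5, max_tries=3):
    """Flag sources that fail against many accounts with few tries on each."""
    fails = defaultdict(lambda: defaultdict(int))  # source -> account -> failures
    wins = defaultdict(set)                        # source -> accounts signed in
    for source, account, ok in events:
        if ok:
            wins[source].add(account)
        else:
            fails[source][account] += 1
    report = {}
    for source, per_account in fails.items():
        # Spraying is wide and shallow; brute force is narrow and deep.
        shallow = [a for a, n in per_account.items() if n <= max_tries]
        if len(shallow) >= min_accounts:
            report[source] = {"targeted": sorted(shallow),
                              "succeeded": sorted(wins[source])}
    return report

if __name__ == "__main__":
    print(find_spraying(parse(SAMPLE_LOG)))
```

Any account listed under `succeeded` for a flagged source is a candidate for a forced password reset and session review, since a sign-in from a spraying source suggests a guessed password.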
Jenny • December 17, 2019 6:46 AM
So if accurate and not simply a piece of propaganda, it would seem they’re doing nothing more than what Israel and US did with Stuxnet. Sure is hard to get outraged over that if you’ve been paying attention.
“The hackers’ motivation — and which industrial control systems they’ve actually breached — remains unclear.” Would seem to point to this being propaganda as even a child could come up with a likely reason why Iran would want to explore this and many a child would be able to see it’s probably justified.
As always the best way to improve security, whether technological or national, is to improve people’s lives, not bully them. What a radical concept.