A notorious Iranian hacking crew is targeting industrial control systems

Artist's impression of a malicious hacker coding up a BlueKeep-based exploit.

Enlarge / Artist's impression of a malicious hacker coding up a BlueKeep-based exploit. (credit: Getty Images / Bill Hinton)

Iranian hackers have carried out some of the most disruptive acts of digital sabotage of the last decade, wiping entire computer networks in waves of cyberattacks across the Middle East and occasionally even the US. But now one of Iran's most active hacker groups appears to have shifted focus. Rather than just standard IT networks, they're targeting the physical control systems used in electric utilities, manufacturing, and oil refineries.

At the CyberwarCon conference in Arlington, Virginia, on Thursday, Microsoft security researcher Ned Moran plans to present new findings from the company's threat intelligence group that show a shift in the activity of the Iranian hacker group APT33, also known by the names Holmium, Refined Kitten, or Elfin. Microsoft has watched the group carry out so-called password-spraying attacks over the past year that try just a few common passwords across user accounts at tens of thousands of organizations. That's generally considered a crude and indiscriminate form of hacking. But over the last two months, Microsoft says APT33 has significantly narrowed its password spraying to around 2,000 organizations per month, while increasing the number of accounts targeted at each of those organizations almost tenfold on average.

Microsoft ranked those targets by the number of accounts hackers tried to crack; Moran says about half of the top 25 were manufacturers, suppliers, or maintainers of industrial control system equipment. In total, Microsoft says it has seen APT33 target dozens of those industrial equipment and software firms since mid-October.

Read 10 remaining paragraphs | Comments

Source

Veröffentlicht von Paul Christoph

Mein Name ist Paul Christoph Feichtinger, geboren am 15.5.1991 in Oberndorf bei Salzburg und mittlerweile stolzer Autor von 11 Büchern (7 in Deutsch und 4 in Englisch), 4 Apps (bald kommt Nummer 5) und dieser Webseite. Bei Paul Solutions bekommen alle Bücher und Apps ihre Form. Sieh dich ruhig ein bisschen auf meiner Webseite um, vielleicht gibt es auch für dich noch das ein oder andere zu entdecken. ;-)

Kommentar verfassen

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.

%d Bloggern gefällt das: