EXPERT COMMENTS: Iranian Hackers Have Been ‘Password-Spraying’ US Electric Utilities

In response to reports that an Iranian state-sponsored hacking group has been ‘password-spraying’ U.S. electric utilities for the past year, experts offered the comments below.


EXPERT COMMENTS
Chris Kennedy, CISO and VP of Customer Success, AttackIQ
January 10, 2020
Iran has a well-funded and state-supported offensive cyber capability.
Cyber attacks are commonly used in warfare today as they are cheaper and easier than any other kind of army to raise. Iran has a well-funded and state-supported offensive cyber capability, and this malware incident will likely be followed by other attacks. We have witnessed over the past five years an increase of state-sponsored attacks directed at “civilian,” or commercial, organizations as m ....
Tim Erlin, VP of Product Management and Strategy, Tripwire
January 10, 2020
Prevention is the preferred method of malware defense.
The headline here is the malware itself, but it’s important to remember that the point of entry was an unpatched vulnerability. Prevention is the preferred method of malware defense. It’s likely we’ll see more of this type of state-sponsored activity. I wouldn’t expect this is the last we’ll hear about the Dustman malware. This attack could have been much worse, and while we don’t kn ....
Roger A. Grimes, Data-Driven Defense Evangelist, KnowBe4
January 10, 2020
Before the Saudi Aramco attack, Middle East computer security was worse than poor.
The lack of utter devastation this time around should be counted as a major computer defense success. The 2012 Disttrack attack against Saudi Aramco, which devastated that company and put all of Saudi Arabia on its heels for half a year, led to the better successful defense of Bahrain. The Saudi Aramco attack changed everything for that part of the world. Before the Saudi Aramco attack, Middle ....
Rosa Smothers, SVP of Cyber Operations, KnowBe4
January 10, 2020
The U.S. government has repeatedly warned the private sector about Iranian cybersecurity threats.
It's widely known that APTs 33 and 34 are associated with Iranian state-sponsored hackers. The U.S. government has repeatedly warned the private sector about Iranian cybersecurity threats, specifically regarding their go-to access methods - phishing attacks and password spraying. No one should be surprised by this, and something as basic as rejecting frequently used or known breached passwords ar ....