Risk of Destructive Attacks on the Electric Sector Significantly Increases
A new report highlights hacking activity targeting U.S. electric utilities and oil and gas firms attributed to the threat group Magnallium, widely known as APT33, an Iranian state-sponsored advanced persistent threat (APT), which largely consisted of password-spraying attacks – guessing passwords using a set of commonly-used credentials.
According to Dragos, Inc.'s January 2020 North American Electric Cyber Threat Perspective report, seven of 11 tracked activity groups target North American electric entities: PARISITE, XENOTIME, DYMALLOY, ALLANITE, MAGNALLIUM, RASPITE, and COVELLITE. Dragos identified a recent increase in activity targeting North American electric entities, led by the identification of PARISITE activity targeting known VPN vulnerabilities, and MAGNALLIUM password spraying campaigns focusing on oil and gas that expanded to include the electric sector.