Iranian hackers have been “password spraying” the US grid

Iranian Cyber Attacks on US Information Grid

Electricity pylons at sunset: State-sponsored group “Magnallium” has been probing US utilities for the past year

In the wake of the US assassination of Iranian general Qasem Soleimani and the retaliatory missile strike that followed, Iran-watchers have warned that the country could deploy cyberattacks as well, perhaps even targeting US critical infrastructure like the electric grid.

A new report lends some fresh details to the nature of that threat: By all appearances, Iranian hackers don’t currently have the capability to start causing blackouts in the US. But they’ve been working to gain access to American electric utilities, long before tensions between the two countries came to a head.

Magnallium has been carrying out a broad campaign of so-called password-spraying attacks, which guess a set of common passwords for hundreds or even thousands of different accounts, targeting US electric utilities as well as oil and gas firms, according to WIRED, the Source of this story, also reprinted in Ars Technica. Click the links for the rest of the story.