Home
Forums
New posts
Search forums
What's new
New posts
New profile posts
Latest activity
Members
Current visitors
New profile posts
Search profile posts
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Menu
Log in
Register
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Home
Forums
CARDING & HACKING
Carding News
Aliquippa pumping station attack: SecurityScorecard reveals new details
Message
<blockquote data-quote="Brianwill" data-source="post: 919" data-attributes="member: 15"><p>10 IP addresses that could have been used by intruders were identified.</p><p></p><p>The team has established with high confidence the IP addresses of the websites used for the November cyberattack on the Municipal Water Supply Administration of Aliquippa (MWAA) in Pennsylvania.</p><p></p><p>The CyberAv3ngers group, allegedly acting in the interests of Iran, has already claimed responsibility for the attack. Hackers left a kind of "digital message"in their Telegram channel. The findings of SecurityScorecard confirm that this was not an empty threat, but a real attack.</p><p></p><p>The study identified 10 addresses whose activity in the run-up to the attack, according to SecurityScorecard, could be regarded as a "wake-up call". Four of these IP addresses generated almost two-thirds (180 out of 303) of the data streams sent to the water authority's servers in the month before the incident.</p><p></p><p>Further analysis revealed that the four suspicious addresses exchanged information with 368 other protocols registered in Iran.</p><p></p><p>"Given that the CyberAv3ngers hacker group was previously linked to Iran, SecurityScorecard specialists analyzed traffic for these four IP addresses to find additional evidence of their origin," the experts explain in their report.</p><p></p><p>Added to SecurityScorecard: "It is unlikely that all 368 Iranian IP addresses were involved in malicious activities of criminals (there are also legitimate cases of VPN use). Therefore, the researchers focused on those identifiers that were most likely to be involved in activities aimed at water management."</p><p></p><p>Thus, the list was narrowed down to 6 addresses, which, together with the four main ones, made up the mentioned top ten.</p><p></p><p>Analysts believe that in the future, careful monitoring of IP traffic will help prevent similar incidents. In their opinion, organizations will be able to protect themselves by tracking links to the listed identifiers.</p><p></p><p>The SecurityScorecard team also noted the vulnerability of local governments and utilities, which often do not have reliable protection against sophisticated cyber attacks. This makes them a particularly tempting target for hackers acting in the interests of states.</p></blockquote><p></p>
[QUOTE="Brianwill, post: 919, member: 15"] 10 IP addresses that could have been used by intruders were identified. The team has established with high confidence the IP addresses of the websites used for the November cyberattack on the Municipal Water Supply Administration of Aliquippa (MWAA) in Pennsylvania. The CyberAv3ngers group, allegedly acting in the interests of Iran, has already claimed responsibility for the attack. Hackers left a kind of "digital message"in their Telegram channel. The findings of SecurityScorecard confirm that this was not an empty threat, but a real attack. The study identified 10 addresses whose activity in the run-up to the attack, according to SecurityScorecard, could be regarded as a "wake-up call". Four of these IP addresses generated almost two-thirds (180 out of 303) of the data streams sent to the water authority's servers in the month before the incident. Further analysis revealed that the four suspicious addresses exchanged information with 368 other protocols registered in Iran. "Given that the CyberAv3ngers hacker group was previously linked to Iran, SecurityScorecard specialists analyzed traffic for these four IP addresses to find additional evidence of their origin," the experts explain in their report. Added to SecurityScorecard: "It is unlikely that all 368 Iranian IP addresses were involved in malicious activities of criminals (there are also legitimate cases of VPN use). Therefore, the researchers focused on those identifiers that were most likely to be involved in activities aimed at water management." Thus, the list was narrowed down to 6 addresses, which, together with the four main ones, made up the mentioned top ten. Analysts believe that in the future, careful monitoring of IP traffic will help prevent similar incidents. In their opinion, organizations will be able to protect themselves by tracking links to the listed identifiers. The SecurityScorecard team also noted the vulnerability of local governments and utilities, which often do not have reliable protection against sophisticated cyber attacks. This makes them a particularly tempting target for hackers acting in the interests of states. [/QUOTE]
Name
Verification
Post reply
Home
Forums
CARDING & HACKING
Carding News
Aliquippa pumping station attack: SecurityScorecard reveals new details
Top