While AeroBlade’s techniques are more sophisticated in many ways, security pros say the initial attack vector was a common spearphishing attack – something U.S. companies must do a better job protecting against.
Default passwords enabled the Iranian-linked APT to compromise Israeli-made control systems at water and wastewater facilities, a public aquarium and a brewery.