
Iranian Hackers Have Been ‘Password-Spraying’ the US Grid - notlukesky
https://www.wired.com/story/iran-apt33-us-electric-grid/
======
LinuxBender
Could someone please explain to me why critical infrastructure is even
reachable by anyone not on a VPN owned by the infrastructure operators using
3+ factor authentication? And why are the source IP's not nullified internet
wide and special forces going to the source ISP's to melt them into the
ground? How is this even a thing?

