Bowman Avenue Dam
Iranian Islamic Revolutionary Guard Corps (IRGC)
Energy
None due to dam being offline for maintenance.
Exploited Cellular Modem in SCADA system with credential stuffing
Weak Credentials and Internet-exposed SCADA system
Network Cloaking and Passwordless Access
Attributed to Iran, the 2013 infiltration of the Bowman Avenue Dam control systems was one of the first publicly reported events targeting US critical infrastructure.
No destructive payload; relied on basic reconnaissance tools (e.g., network scanners, command-line access via modem). Part of Operation Cleaver’s toolkit (retaliation against Stuxnet), including DDoS bots for financial DDoS, but here focused on ICS enumeration and probing for gate controls, sensors, and firmware versions.
The attack succeeded through simple network infiltration, highlighting a lack of basic perimeter controls and segmentation in the SCADA environment.
Given the simplicity of the infiltration, the failure was primarily due to basic perimeter security. BlastWave’s core value of network cloaking would have prevented the infiltration immediately.
The control systems would not be visible or addressable from the corporate network or the public internet, requiring the attacker to first authenticate using a valid, authorized identity, a step they clearly bypassed in the 2013 attack.
Reading about past failures is only useful if it changes future outcomes. If attackers can see your OT network, they can target it. If they can target it, compliance, safety, and uptime are already at risk.
BlastWave eliminates reconnaissance, initial access, and lateral movement — without agents, without downtime, and without changing IPs, protocols, or PLCs.