Several years ago, the Stuxnet malware was used to damage enriched uranium centrifuges in Iran, to derail that country’s nuclear program. It was a historic moment on the timeline of nation-state cyberattacks. This week, news surfaced about a new malware called Triton, which targeted an industrial plant’s safety system in the Middle East.
This new development is concerning enough, but as MIT Technology Review points out, referring back to a report from MIT earlier in the year, “Pressure to make older equipment in utilities, transformers, and transmission lines compatible with newer, more efficient Internet-connected equipment at the lowest possible cost has too often made security an afterthought.” When security standards are not state of the art in situations like these, there’s a lot on the line.
Disturbingly, as Wired reports, “It (the malware) seems to have the express intention of disabling the industrial safety systems that protect human life.” It operates by zeroing in on safety instrumented systems (SIS) that are sold by Schneider Electric, which are used with distributed control systems (DCS). When compromised, the system can appear to be running normally, when conditions are actually unsafe.
Some theorize the attackers had hoped to emulate the impact Stuxnet achieved. Instead, it triggered a fail-safe response and shut down operations. Regardless, it is certainly an alarming development. Also, such shutdowns typically lead to financial loss.
Read the full story at Wired.