All Press Releases

Unprecedented Malware Targets Industrial Safety Systems

By Paul Edwards

Published: December 18th, 2017

Since Stuxnet first targeted and destroyed uranium enrichment centrifuges in Iran last decade, the cybersecurity world has waited for the next step in that digital arms race: Another piece of malicious software designed specifically to enable the damage or destruction of industrial equipment. That rare type of malware has now reappeared in the the Middle East. And this time, it seems to have the express intention of disabling the industrial safety systems that protect human life.

Security firm FireEye today has revealed the existence of Triton, also known as Trisis, a family of malware built to compromise industrial control systems. Although it’s not clear in what kind of industrial facility—or even what country—the sophisticated malware appeared, it targets equipment that’s sold by Schneider Electric, often used in oil and gas facilities, though also sometimes in nuclear energy facilities or manufacturing plants. Specifically, the Triton malware is designed to tamper with or even disable Schneider’s Triconex products, which are known as “safety-instrumented systems,” as well as “distributed control systems,” made by a separate company, used by human operators to monitor industrial processes.

SIS components are built to run independently from other equipment in a facility and monitor potentially dangerous conditions, triggering alerts or shutdowns to prevent accidents or sabotage. By obtaining a foothold in the DCS, hackers could use Triton create a situation that might cause physical harm, or an explosion or a leak. And because Triton’s code also contains the express ability to disable Triconex safety measures, the failsafes that exist to shut down equipment in those situations would be unable to respond. That makes for a dangerous new escalation of hacker tactics that target critical infrastructure.

“[FireEye subsidiary] Mandiant recently responded to an incident at a critical infrastructure organization where an attacker deployed malware designed to manipulate industrial safety systems,” FireEye’s report on its new malware finding reads. “We assess with moderate confidence that the attacker was developing the capability to cause physical damage and inadvertently shutdown operations.”

For the full article, please click here

ABOUT THE AUTHOR

Paul Edwards

Digital Market Apprentice at Bay Publishing, curating what gets published across all of our digital products. If you spot a mistake or would like to read more about a certain topic on any of our magazine websites let me know using the contact button above.

HSME on Twitter

Avatar HSME Magazine @HSMEMagazine·

2 Dec

✨ Happy UAE 50th National Day ✨

We are proud to honour the UAE’s 50 years of growth, history, and innovation today. It has been our privilege to support the incredible success and progress of the UAE’s safety industry since our inception. Team HSME wish you a wonderful day.

Reply on Twitter 1466339786319347713 Retweet on Twitter 14663397863193477131 Like on Twitter 14663397863193477133 Twitter 1466339786319347713

Stay up to date from anywhere in the world, with instant access to the latest issue straight from your phone, tablet or laptop.
Trust that you’re getting the best content from our range of internationally accredited authors.
Get full access to our archives and see how occupational safety has evolved with us over the years.
Enjoy our monthly newsletter curated with up-to-the-minute news and a selection of editor’s top picks.
Hot off the press and straight to your door – look forward to your own glossy copy of HSME, delivered five times a year

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Unprecedented Malware Targets Industrial Safety Systems

FEATURED ARTICLES

HSME on Facebook

HSME on Twitter

Unprecedented Malware Targets Industrial Safety Systems

Digital Technology To Drive Mining Health and Safety