Recently, Triconex Industries was put at risk when hackers attempted to hack into its security systems, trying to control things. These attacks have a pattern. They are made on gas and oil industries.
When traced, several hack attempts were made in various industries but the first attack was reported in the Middle East, experts are believing it to be Saudi Arabia.
However, it took it a little while for the attack to come out in the open as the hackers are said to be in stealth mode.
How Were The Saudi Plants Hacked?
According to Galina Antova, co-founder of Claroty, a cybersecurity firm, the hackers used a malware called Triton that indicated that the systems were operating fine when in reality they weren’t.
Triton can reprogram the controls of equipment which are made by Schneider Electric. The equipment this company makes are usually to save human life as they are “safety instruments” used by workers while carrying out work on the field.
This malware had successfully override the program and the safety control workstation was controlled remotely via the hackers.
The hackers first passed controllers into the system to reprogram the security of the plant so that the attack couldn’t be spotted.
How Was The Attack Spotted?
The Vice President of CyberX, along with his security firm, found traces of Triton in the system. He hinted at Iran being involved since the country was already in news for attempting to hack Saudi companies in 2012 and 2017 using a virus called Shamoon.
What Did Schneider Electric Had To Say?
They labelled this whole incident as an isolated one and said that their systems aren’t vulnerable to such attacks. However, they said that they’d be looking into the matter and taking precautions.
The US Department Of Homeland Security is further investigating the incident because this was the first attack on a plant and can lead to future attacks, and even endanger human life.