Hackers shut down infrastructure safety system in attack: FireEye

(Reuters) – Hackers likely working for a nation-state recently penetrated the safety system of a critical infrastructure facility in an attack that caused operations to shut down, according to cyber security firm FireEye Inc, which said it investigated the incident.

FireEye declined to identify the victim or industry, citing client confidentiality. It said it went public to highlight the escalating threat from hackers who are developing increasingly sophisticated tools to disrupt or cause physical damage to critical infrastructure, which includes facilities such as energy, water, chemical and manufacturing plants.

The U.S. government and private cyber-security firms have issued public warnings over the past few years about attempts by hackers from nations including Iran, North Korea and Russia to attack the companies that run such plants in what they say are primarily reconnaissance operations.

“We want to make sure that the broader industry is aware that there are attackers with the capability and interest in targeting those types of systems, so they can take better precautions to defend against such attacks,” said Dan Scali, a FireEye manager who led the investigation.

In the recent incident, hackers used sophisticated malware to take remote control of a workstation running a safety system from Schneider Electric SE, then sought to reprogram controllers used to monitor the plant for potential safety issues. During that incident, some of the controllers entered a fail safe mode, which caused related processes to shut down and caused the plant to identify the attack, FireEye said.

FireEye believes the attacker’s actions inadvertently caused the shutdown while probing the system to learn how it worked, Scali said. The attackers were likely conducting reconnaissance to learn how they could modify safety systems so they would not operate in the event that the hackers intended to launch an attack that disrupted or damaged the plant, he said.

Reuters was unable to identify the victim or determine how the shutdown had affected its operations. Representatives with Schneider Electric could not immediately be reached for comment.

FireEye said it had not identified the hackers, but believed they were working on behalf of a nation state due to the sophistication of the campaign and its targeting of critical infrastructure.

The malware, which FireEye has dubbed Triton because it targets Schneider’s Triconex plant safety systems, is only the third type of computer virus discovered to date that is capable of disrupting industrial processes.

The first, Stuxnet, was discovered in 2010 and is widely believed by security researchers to have been used by the United States and Israel to attack Iran’s nuclear program.

The second, known as Crash Override or Industroyer, was discovered last year by researchers who said it was likely used in a December 2016 attack that cut power in Ukraine.

FireEye said it had briefed the U.S. Department of Homeland Security on its findings. A DHS representative said he had no immediate comment on the matter.

Article source: Reuters
