Sophisticated ‘Triton’ malware shuts down industrial plant in hacker attack

Cybersecurity experts at FireEye have issued a warning after a recent hacker attack caused “operational disruption to critical infrastructure” at an unnamed industrial plant. The hackers introduced a malware program that FireEye is calling “Triton” into the security system, likely in preparation for a larger attack.

This was not someone in a basement, either. “The targeting of critical infrastructure as well as the attacker’s persistence, lack of any clear monetary goal and the technical resources necessary to create the attack framework suggest a well-resourced nation state actor,” they concluded.

Neither the location of the plant nor the nature of its operations was disclosed, although Reuters reports that the security company Dragos said it was a plant in the Middle East, while another firm, CyberX, believed the target was in Saudi Arabia.

A security alert was issued for users of Triconex, a safety program that’s widely used in energy facilities such as nuclear plants and oil refineries. The nature of the breach has raised concerns among cybersecurity analysts. “This is a watershed,” said Sergio Caltagirone of Dragos. “Others will eventually catch up and try to copy this kind of attack.”

Cybersecurity firm Symantec says the Triton program has been around since August, and that it targets a specific type of safety instrumented system (SIS) and reprograms it. The malware could cause the SIS to shut down plant operations or, with a sophisticated enough attack, nullify the SIS and allow an unsafe condition to escalate, leading to a widespread industrial accident.

In this particular case, when Triton attempted to reprogram the SIS controllers, some instead entered a safe shutdown mode, which halted plant operations and alerted the operators about the rogue software. FireEye believes the hackers accidentally triggered the shutdown while probing the plant’s security systems.

“The targeting of critical infrastructure to disrupt, degrade, or destroy systems is consistent with numerous attack and reconnaissance activities carried out globally by Russian, Iranian, North Korean, U.S., and Israeli nation-state actors,” FireEye said in its report.

The security company noted that the attacker could have easily shut down the plant, but instead continued with repeated attempts to gain control of the SIS. “This suggests the attacker was intent on causing a specific outcome beyond a process shutdown,” they said.

Triton is the third malware program analysts have encountered that’s able to interrupt industrial production. Stuxnet, discovered in 2010, is widely credited with helping to disrupt Iran’s nuclear program. The virus Industroyer was used in 2016 to cause widespread power outages in Ukraine.
