Sophisticated ‘Triton’ malware shuts down industrial plant in hacker attack

Cybersecurity experts at FireEye have issued a warning after a recent hacker attack caused “operational disruption to critical infrastructure” at an unnamed industrial plant. The hackers introduced a malware program that FireEye is calling “Triton” into the security system, likely in preparation for a larger attack.

This was not someone in a basement, either. “The targeting of critical infrastructure as well as the attacker’s persistence, lack of any clear monetary goal and the technical resources necessary to create the attack framework suggest a well-resourced nation state actor,” they concluded.

The location of the plant or the nature of its operations was not disclosed, although Reuters reports that the security company Dragos said it was a plant in the Middle East, while another firm, CyberX, believed the target was in Saudi Arabia.

A security alert was issued for users of Triconex, a safety program that’s widely used in energy facilities such as nuclear plants and oil refineries. The nature of the breach has raised concerns among cybersecurity analysts. “This is a watershed,” said Sergio Caltagirone of Dragos. “Others will eventually catch up and try to copy this kind of attack.”

Cybersecurity firm Symantec says the Triton program has been around since August, and it targets a specific type of safety instrumental system (SIS) and reprograms them. The malware could cause the SIS to shut down plant operations or, with a sophisticated enough attack, nullify the SIS and allow an unsafe condition to escalate, leading to a widespread industrial accident.

In this particular case, when Triton attempted to reprogram the SIS controllers, some instead entered a safe shutdown mode, which halted plant operations and alerted the operators about the rogue software. FireEye believes the hackers accidentally triggered the shutdown while probing the plant’s security systems.

“The targeting of critical infrastructure to disrupt, degrade, or destroy systems is consistent with numerous attack and reconnaissance activities carried out globally by Russian, Iranian, North Korean, U.S., and Israeli nation-state actors,” FireEye said in its report.

The security company noted that the attacker could have easily shut down the plant, but instead continued with repeated attempts to gain control of the SIS. “This suggests the attacker was intent on causing a specific outcome beyond a process shutdown,” they said.

Triton is the third malware program analysts have encountered that’s able to interrupt industrial production. Stuxnet, discovered in 2010, is widely credited with helping to disrupt Iran’s nuclear program. The virus Industroyer was used in 2016 to cause widespread power outages in Ukraine.

Movies & TV

Chernobyl: 10 burning questions we still have after watching the HBO miniseries

If you're like us, after watching the HBO miniseries about the catastrophic nuclear meltdown at Chernobyl, you still have many burning questions about what really happened. Here are some answers to those the series doesn't cover.
Mobile

Your smartphone knows all your secrets. Put it on lockdown with these tips

Having your smartphone hacked can feel like someone robbed your house. It's a massive invasion of privacy and a violation of your personal space. We've put together a checklist of precautions that will help you avoid this terrible fate.
Computing

Russian hackers behind ‘world’s most murderous malware’ probing U.S. power grid

A hacking group linked to the Russian government has attempted to breach the U.S. power grid. Security experts tracked the hackers, and warn that they were probing the grid for weaknesses.
Small Business

The 15 best tech jobs boast top salaries, high satisfaction, lots of openings

May may be coming to an end, but the bonanza of tech jobs just keeps coming. High-paying jobs abound at companies where people love to work. If you’re ready to make a change, this is a great time to look for something more fulfilling…
Deals

Walmart cuts $300 off Dell Inspiron 5680 gaming desktop for gamers on a budget

If you're stashing money but want an upgradeable rig that will go a long way, then this solid deal on the Dell Inspiron Gaming Desktop 5680 with Intel Core i5-8400 is for you. It is now available for only $700 at Walmart.
Computing

Genius uses 19th-century tech to prove Google copied its song lyrics

Song lyrics website Genius says that it proved that Google has been copying its lyrics and posting them on its own search results page. And Genius says it was able to do it by using a decidedly old-school form communications tech.
Computing

Facebook’s crypto isn’t a new Bitcoin, it’s Disney Dollars for a new world order

Facebook has already secured tens of millions in investments for its new cryptocurrency for Facebook known as Libra. The platform is still being developed, but has already brought in backing from Visa, Mastercard and PayPal.
Deals

Check out Walmart’s steep discounts on Dell and LG gaming monitors

If you're a gamer looking for high-quality computer displays, you definitely need to take advantage of this deals from Dell and LG. These gaming monitors will fit your budget and your GPU.
Computing

A Surface Pen with an OLED touchscreen would actually be awesome

Microsoft patented another Surface Pen hardware feature, this time registering a patent for an OLED touch bar strip on the Surface accessory. This could enable dynamic setting change functionality in the next generation of Surface Pens.
Deals

Save $220 on a 2019 MacBook Pro with the latest Intel processor on Amazon

Interested customers can now grab a 2019 MacBook Pro with the latest Intel Core processor at a $220 discount on Amazon. This discounted MacBook Pro also features 512GB of SSD storage, a 15-inch Retina display, and a Touch bar.
Deals

You can grab the 2017 12-inch MacBook for $300 off right now, but act quickly

Despite the growing market for Windows ultrabooks, a MacBook is still what you need if you love the sleek interface of MacOS. The 2017 MacBook is on sale right now, too, but stock is limited, so act quickly before it's gone.
Computing

Apple's Mac Mini and MacBook Air are both great, but which is better?

Torn between the portability of a laptop and the power of a desktop? You aren't the only one. Apple offers great examples of both, with great unique and shared features for each. If we pit the Mac Mini vs. MacBook Air, which do you think…
Computing

PowerPoint is easier than ever with Microsoft’s new A.I. tools

Microsoft's new A.I. tools for Office 365 users make mastering PowerPoint presentations easier than ever. The tools help you create stunning layouts, deliver data with impact, and brush up your delivery skills with smart coaching.
Computing

Google Calendar is back online. Here’s the latest on the outage

Google Calendar is down, and that means that instead of a day packed with back-to-back meetings and timely reminders, users are instead being treated to an error message. Here's the latest on the worldwide outage.