Triconex, a piece of control software widely used in power facilities, including nuclear plants, has been targeted by hackers. The firms responsible for finding the hack, and building the Triconex software, FireEye and Schneider Electric respectively, haven’t given any details about where the hackers’ target was, but other firms believe it was in Saudi Arabia.
The hackers were discovered because as they probed the power plants’ operations for vulnerabilities, they inadvertently shut down the operation. Reuters reports:
“This is a watershed,” said Sergio Caltagirone, head of threat intelligence with Dragos. “Others will eventually catch up and try to copy this kind of attack.”
In the incident, hackers used sophisticated malware to take remote control of a workstation running a Schneider Electric Triconex safety shutdown system, then sought to reprogram controllers used to identify safety issues. Some controllers entered a fail safe mode, which caused related processes to shut down and caused the plant to identify the attack, FireEye said.
FireEye believes the attacker’s actions inadvertently caused the shutdown while probing the system to learn how it worked, said Dan Scali, who led FireEye’s investigation.
The attackers were likely conducting reconnaissance to learn how they could modify safety systems so they would not operate in the event that the hackers intended to launch an attack that disrupted or damaged the plant, he said.
Read more here.
The question for you is, are you prepared for a disruption in your power supply? You must start any preparation program with water. Read my series on water supplies here.
Originally posted at Yoursurvivalguy.com.