Sunday, December 17, 2017

Critical Infrastructure (CI) Targeted Again and Again and Again

Critical infrastructure (CI) is one of the underlying backbones of our civilization. It supports virtually everything we are actively involved in. If you like having electricity for your electronics (e.g. computers, laptops, tablets, television, radio, etc.), fresh water, and sewage leaving your home, then a certain new malware sample should grab your attention.

Malware directed at the energy industry is not new. Dams in the US, nuclear power plants across the globe, and other CI industries have been attacked. The equipment deployed in these industries has also been targeted for its vulnerabilities.

The latest malware is an example of the latter. It targets the Triconex Safety Instrumented System (SIS) manufactured by Schneider Electric and has been named Triton or Trisis. This equipment is part of the industrial control system (ICS) for the utilities. It is designed to work autonomously, monitoring systems within the utility and shutting a system down if there is a safety issue. The malware was coded so that, when deployed against the vulnerability, it can read and write programs and functions, along with querying the SIS controller. The attacker, with the deployed malware, is able to modify the SIS logic to shut the system down, indicating an unsafe reading, when the system may be operating fine without an issue.

There would naturally be financial issues for the utility. However, there may also be damage to the equipment and facility if this were reversed and the equipment were to allow unsafe conditions to continue unchecked.

CI and ICS systems will continue to be targeted as time passes. With an attack here, the result of the compromise would be a rather significant detriment.
