Is nothing safe? New malware targets industrial control systems

By Cameron Abbott and Harry Crawford

I’m sure I saw this in Die Hard 4 but “life imitates art”.   A new type of malware has been discovered in a very rare field of operation for hackers: attacking industrial control systems. Cybersecurity firm FireEye has been tight-lipped in detailing the attack, but has indicated that it was against “a critical infrastructure organization” which inadvertently caused operations to shut down. The attack is also reminiscent of the infamous “Stuxnet” virus that was used against Iranian nuclear power plants in 2010.

FireEye dubbed the malware “Triton” and said that the attacker was likely sponsored by a nation state. These types of attack are very rare, with only 5 known families of malware having been discovered since 2010 that target industrial control systems… so far.

This goes to show that malware continues to expand into fields previously assumed safe from malware and cybersecurity threats. Not only is the technological sophistication of attacks growing, but the fact that there was no apparent financial motive for the hackers behind Triton shows that organisations including businesses should not assume that they are not a target.

Everyone should be taking all sensible precautions against threats, including, for example, by pushing contractual risk onto subcontractors and vendors who are often the ones who expose organisations to such risks (as detailed in a recent blog post here on CyberWatch: Australia).