December 18, 2017
In a shocking turn of events, hackers have attacked and forcefully shut down a plant in an unmentioned nature and location. While in previous incidents, hackers have attacked critical infrastructure, it was never this severe with dire consequences.
Reports are also suggesting that this is the first known incident of a breach like this taking place. While the digital assault was clearly serious in itself, there are hints that it could have been much worse. The hackers supposedly used a malware called Triton. As reports go, Triton hijacked a workstation using Schneider Electric's Triconex safety technology that is mostly used in power plants.
The hackers hoped to modify controllers that could pinpoint safety problems, but some of those controllers entered a failsafe state in response and shut down the plant. This was what led the operators to conduct the investigation that in turn caught the hostile code. Triton was otherwise fairly sophisticated. It was capable of trying to recover failed controllers to avoid raising alerts. It would even overwrite its own programs with junk data if it couldn’t salvage a controller inside of a given time window.