Triton (malware) explained

Triton is malware first discovered at a Saudi Arabian petrochemical plant in 2017.[1] [2] It can disable safety instrumented systems, which can then contribute to a plant disaster. It has been called "the world's most murderous malware."[3]

In December 2017, it was reported that the safety systems of an unidentified power station, believed to be in Saudi Arabia, were compromised when the Triconex industrial safety technology made by Schneider Electric SE was targeted in what is believed to have been a state sponsored attack. The computer security company Symantec claimed that the malware, known as "Triton", exploited a vulnerability in computers running the Microsoft Windows operating system.

In 2018, FireEye, a company that researches cyber-security, reported that the malware most likely came from the Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM), a research entity in Russia.[4]

It was reported by Wired that Triton's attacks were registered in North America, China, and Russia.[5]

See also

References

  1. Web site: Oil & Gas Cybersecurity and Process Safety Converge. 26 February 2019. Davide. Franzetti. Security Boulevard.
  2. News: Triton: hackers take out safety systems in watershed attack on energy plant. Gibbs. Samuel. 15 December 2017. The Guardian. 2019-10-12.
  3. Web site: Triton is the world's most murderous malware, and it's spreading. 5 March 2019. Martin. Giles. Technology Review.
  4. Web site: The inside story of the world's most dangerous malware. Blake. Sobczak. E&E News. 7 March 2019.
  5. Web site: 2019-03-08 . Cos'è Triton, il malware che può causare incidenti catastrofici . 2023-06-30 . Wired Italia . it-IT.