Malware Discovered in a Petrochemical Plant in Saudi Arabia that tried to Cause an Explosion

Cyber Security News Headlines

A malware was discovered in a petrochemical plant in Saudi Arabia which was designed to cause an explosion and destroy the entire plant.

According to The New York Times, a flaw in attackers code accidentally shut down the system and failed the attack.

Investigators declined to say the name of the company or more details about the attackers.

Based on the sophistication of the attack and resources used they were mostly supported by a government.

According to security experts, Countries which are capable of launching an attack of this magnitude are Iran, China, Russia, Israel and the United States.

You may be interested in reading: MuddyWater: Hackers Target Middle East Nations

This is not the first time attackers have targeted countries energy sector earlier in 2012  Saudi Aramco, world’s biggest oil company was hit by aggressive disc-wiping malware called Shamoon.

In January 2017 Tasnee, a Saudi Arabian industrialisation company and Sadara Chemical Company, a joint enterprise firm owned by Saudi Aramco and U.S. company Dow Chemical were also attacked by hackers.

According to Symantec security company researchers and officials from Tasnee, attack destroyed company’s hard drive and wiped out all the data and was replaced with an image of Aylan Kurdi, the Syrian boy in a red T-shirt who washed up dead on the Turkish coast.

Researchers at Mandiant with the help of other several other companies in the U.S are still working on the incident which happened in Augest.

The code used in this attack was never seen in any other attacks before. In order to develop the malware, the attackers should have access to Triconex safety system components. The investigators said that components could be purchased for $40,000 from eBay.

Triconex safety system controls voltage, pressure, and temperatures in the system and ensures the safety of the plant.

Security experts fear that if the attackers were able to compromise Triconex safety system components, the same attack could be launched against other companies which use same component.

Triconex safety controllers are used in about 18,000 plant around the world which includes nuclear, oil and gas and chemical plant.

“If attackers developed a technique against Schneider equipment in Saudi Arabia, they could very well deploy the same technique here in the United States,” said James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies in Washington, D.C

Schneider Electric which produces Triconex safety system controllers said they are investigating the cyber attack.

Read more on: 5 million Android Devices found Infected with RottenSys Malware



Please rate this content