California security solution provider FireEye reported Thursday that hackers attacked and shut down operations at an undisclosed “critical infrastructure facility.” This is the first report of a breach at an industrial facility by hackers, who experts theorize were working as nation-state actors.
FireEye has declined to identify the victim, industry, date, or location of the hack, although they did disclose the hackers targeted specific industrial safety technology from Schneider Electric.
FireEye stated they believe that the hacker’s intentions were to garner information on the facility’s operations, with the shutdown of operations being an unintentional side effect due to a triggered failsafe measure. The attackers used malware to take remote control of a Schneider Electric Triconex Tricon safety shutdown system and attempted to reprogram controllers used to identify safety issues.
InfoSec experts believe this attack could foretell similar attacks to come; hackers that take control of industrial safety systems could deceive it into believing everything is secure while hackers wreck physical damage on the facility itself and on the populations it serves.
Along with health care facilities, utilities have been a more popular target by hackers in the past year. Reports have arisen of hackers being able to shut down heating at the homes of their victims.
- 4 Best Cybersecurity Courses Available on Udacity in 2023 - April 20, 2023
- The Best SOAR Tools and Vendors to Consider in 2023 - November 26, 2022
- The 10 Best Open Source SIEM Tools for Businesses - October 13, 2022