Destructive malware Triton has struck again

Cybersecurity in the digital era is perhaps the primary concern that governments and private corporations need to address. This decade has seen cyber-attacks growing in scale and audacity, having escalated from theft and destruction of data to targeting public infrastructure. A crippling cyber-attack that nearly blew up a petrochemical plant in Saudi Arabia has now been used in yet another attack.

Security researchers at the firm FireEye said that another heavy industrial facility has been targeted, but refused to disclose which one and its location. The weapon used for the attack was the powerful Triton malware, composed of custom components and used to carry out devastating attacks that can not only disrupt operations but also cause physical destruction and large explosions. It was used to attack a petroleum refining facility in Saudi Arabia and nearly caused a massive explosion. Facilities like refineries are operated by digital industrial control systems that are used to control and regulate all the operations and processes happening at the facility. Disruptions in crucial components in the control systems can cause chemicals or oil to flow the wrong way and have catastrophic results.

Triton is designed to penetrate deep into an organization’s network and reach into the control systems, resulting in cataclysmic system-wide failures and even explosions.

Details of the latest attack involving the Triton Malware have not been disclosed, but experts say that it involves a large industrial facility. Attacks such as this highlight the need for comprehensive cybersecurity measures and sooner everyone starts taking it seriously, the better.