The world has grown accustomed to malware that steals your credit card information or demands bitcoin to access your files.
But a new hacker tool is targeting the safety systems at industrial plants around the world, according to a fascinating investigation in the MIT Technology Review — the same safety systems, ominously, that protect nuclear power stations and water treatment facilities.
“In a worst-case scenario, the rogue code could have led to the release of toxic hydrogen sulfide gas or caused explosions, putting lives at risk both at the facility and in the surrounding area,” wrote MIT Tech‘s Martin Giles of an incident when the malware was found to have attacked a petrochemical plant in Saudi Arabia.
Lives at Risk
Researchers call the malware Triton. It’s apparently been spreading since 2014, but researchers didn’t become aware of it until around 2017.
What’s most worrisome, one source told MIT Tech, was that the malware crosses a new ethical line.
“Targeting safety systems just seemed to be off limits morally and really hard to do technically,” Joe Slowik, a former information warfare officer in the US Navy who now works at Dragos, an industrial cybersecurity firm that’s been tracking the spread of Triton, told the magazine.
At a speech last year, according to MIT Tech, former U.S. director of national intelligence Dan Coats warned that chances were growing of a debilitating cyberattack on American infrastructure.
“Here we are nearly two decades later, and I’m here to say the warning lights are blinking red again,” said Coats at the event. “Today, the digital infrastructure that serves this country is literally under attack.”