Researchers from U.S. security firm FireEye now believe that Russia is most likely behind a malware attack at a critical infrastructure facility in the Middle East, according to an article from Ars Technica. FireEye researchers reportedly assess “with high confidence” that a Russian-government backed research institute – the Central Scientific Research Institute of Chemistry and Mechanics in Moscow – helped develop the software that caused a major operational failure at the facility.
The malware, alternately labeled Triton and Trisis, according to the article, worked by tampering with the facility’s safety-instrumented system. A variety of evidence reportedly implicates the Russian institute, according to FireEye’s report, including “malware that was tested inside the institute, artifacts left inside the malware used in the attack, an IP address belonging to the institute and the malware developer’s operating hours.”
Read the entire article here.