The cyberattack on a Saudi petrochemical plant last year targeted the company’s safety system – specifically the emergency shut-off system used to defend against catastrophic acts, according to an article from Marketwatch. Schneider Electric, maker of the shut-off system, reported that the malicious code used in the attack “manipulated Schneider devices' memory and ran unauthorized programs on the system by leveraging a previously unknown bug.”
Dubbed Triton, this new form of cyberattack targets safety-instrumented systems and is reportedly the latest phase in an increasingly worrisome series of attacks against control system computers. The most well-known of these, the Stuxnet attack in 2010, hit the “industrial-control systems that run nuclear centrifuges, and programmed the machines to destroy themselves,” according to Marketwatch. Stuxnet was reportedly a joint effort of the U.S. and Israeli governments designed to disrupt Iran’s nuclear program; the objective of the Saudi hack is unclear. According to the article, the cyber attack was a breach of the first safety protection layer – when a control system is hacked, the safety system is supposed to provide protecton.
Read more about the cyber attack here.