Our San Francisco bureau chief, @martingiles, spent several months working on a story about Triton, the world’s most murderous malware. Here’s why this malicious code is so terrifying. technologyreview.com/s/613054/cyber…
Previous “cyber-physical” malware like Stuxnet, which destroyed centrifuges at an Iranian nuke plant in 2010, targeted industrial equipment.
Triton is the first time we’ve seen software deliberately created by hackers to put people’s lives in danger.
The malware is capable of disabling safety instrumented systems, which are the last line of safety defense in everything from petrochemical plants to public transport systems to nuclear power plants.
If these safety systems are crippled, and other malware used in conjunction with Triton causes dangerous industrial processes to spin out of control, the result could be catastrophic industrial accidents that kill large numbers of people.
Fortunately, Triton was discovered at a Middle Eastern petrochemical plant in 2017 before it could do any harm. Had it been triggered, it could have caused explosions, and let poisonous gases escape into the plant and surrounding area.
Over the past year or so, researchers at a cybersecurity firm called @DragosInc have come across elements of software used by the hacking group behind Triton. These strongly suggest it’s hunting for new targets outside the Middle East, including in North America.
The hackers are patient and well-resourced.
They spent years burrowing through layers of cyber defenses to reach the safety systems at the petrochemical plant. Some evidence suggests they are from Russia, which has already deployed cyber-weapons against industrial targets in Ukraine.
Triton has appeared just as nation-state hackers step up cyberattacks on “critical infrastructure” targets like electrical grids, dams, and oil companies.
Dan Coats, US Director of National Intelligence, said last year warning lights “are flashing red” because of this unprecedented cyber-assault.
To make matters worse, Triton’s rise coincides with a push by companies to hook up ever more equipment to the internet to boost efficiency and productivity. The development of this “internet of industrial things” gives hackers more equipment to target.
Some cyber experts say Triton and other malware show why businesses urgently need to rethink how they are connecting potentially lethal processes. Some of these may need to be isolated from the internet altogether.
You can read more about all this in @martingiles's story here. #RSAC #RSAC2019 technologyreview.com/s/613054/cyber…
Follow @martingiles for more cybersecurity insights.