Breach of popular control system for power plants shows increasing hacker sophistication
- Schneider Electric SE and cybersecurity firm FireEye have confirmed that hackers breached industrial control systems at an unnamed facility, marking the first time safety systems at an industrial plant have been compromised.
- Though the targeted facility was not named, the plant is reportedly located in the Middle East.
- According to Reuters, attackers successfully took over a workstation running Triconex, a safety system developed by Schneider Electric. Hackers attempted to reprogram parts of the system, triggering a plant shutdown.
Attempted cyberattacks targeting the electric industry are a daily occurrence, but this new incident, possibly in Saudi Arabia, highlights how much more sophisticated hackers are becoming.
“This is a watershed,” Sergio Caltagirone, head of threat intelligence at security firm Dragos, told Reuters. "Others will eventually catch up and try to copy this kind of attack.” According to Power Engineering, this is just the third time malware has been used to disrupt an industrial process, but more attempts are expected.
Morgan Lewis & Bockius LLP has predicted that "because of the destructive potential of these types of breaches, critical electric and other utility infrastructure will remain highly-prized targets for future cyberattacks." The firm also expects electric utilities will begin to receive data requests or informal outreach from federal regulators "in the near future to determine whether those utilities have similar equipment that could be exploited, and if so, what steps they have taken to mitigate the threat."
Cybersecurity has become a major focus for the electric industry. Last month, the North American Electric Reliability Corp. held its biennial GridEx exercise, where utilities and grid operators run through their crisis plans, coordinating responses and reassuring customers as they rush to respond to a simulated attack.
A recent report from consulting firm Accenture found more than three quarters of utility executives in North America believe a cyberattack is likely in the next five years. Those results mirrored results from Utility Dive's 2017 survey of utility professionals, which found cyber and physical grid security to be the most pressing issue facing the industry.
Follow Robert Walton on Twitter