Recently one malware was detected by an experienced cyber responder Julian Gutmanis which could pose a serious threat to human life. The malware was found on the server of the petrochemical plant in Saudi Arabia in the summer of 2017. The initial vector of malware infection is still unknown but it could be the result of a phishing attack. Hacker managed to deploy their malicious program on the plant's safety instrumented system so that they could have full control of the safety system of the plant. Hackers were able to control the plant's system which manages the safety system inside the plant remotely by installing the malware.
After gaining access to the safety system of the plant, hacker could disrupt, take down or destroy the industrial process. In the worst case scenario, the malware could have led to the release of toxic hydrogen sulfide gas or caused explosion, which could kill a lot of people working at the facility and in the surrounding area. Luckily the malware was detected before it could do any damage on the system.
From this incident, it is clear that malware that targets industrial control system are becomming more aggressive and more sophisticated. We have a lot of critical plants which were build before anyone has imagined such cyberattacks. Therefore, it is time to update the industrial control system to defend the possible cyber attacks.