Skip to main content

Triton: A Malware That can Kill Human

When we think of malware we think of a program that is designed to harm a computer device, servers or network. But these days bad guys are creating malware targetting the critical infrastructure which can deliberately kill people. Malware that is targetting critical infrastructure and human damage is not new in the cyberspace as there were few other cases before like Stuxnet but nowadays such malware is increasing at an alarming rate.

Recently one malware was detected by an experienced cyber responder Julian Gutmanis which could pose a serious threat to human life. The malware was found on the server of the petrochemical plant in Saudi Arabia in the summer of 2017. The initial vector of malware infection is still unknown but it could be the result of a phishing attack. Hacker managed to deploy their malicious program on the plant's safety instrumented system so that they could have full control of the safety system of the plant. Hackers were able to control the plant's system which manages the safety system inside the plant remotely by installing the malware.

Source: https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/triton-malware-spearheads-latest-generation-of-attacks-on-industrial-systems/

After gaining access to the safety system of the plant, hacker could disrupt, take down or destroy the industrial process. In the worst case scenario, the malware could have led to the release of toxic hydrogen sulfide gas or caused explosion, which could kill a lot of people working at the facility and in the surrounding area. Luckily the malware was detected before it could do any damage on the system.

From this incident, it is clear that malware that targets industrial control system are becomming more aggressive and more sophisticated. We have a lot of critical plants which were build before anyone has imagined such cyberattacks. Therefore, it is time to update the industrial control system to defend the possible cyber attacks.

Comments

Popular posts from this blog

Five Ways to Get Rid of Cryptojacking Malware

Cryptojacking is a growing threat in 2018 and there are several ways to prevent this threat. Few of the methods to prevent this emerging online threat are discussed below.


Installing browsing extension
Most of the crypto mining malware works from the web browser so we can stop that malware by installing a browser extension. There are few browser extensions like ublock origin & Malwarebytes that will help to block any cryptojacking scripts. If we have these extensions installed on the browser, they will automatically stop those scripts from running on the browser which will prevent the browser from running the mining code. Those extensions are available for free and they regularly update their signature. Since they will automatically filter the mining codes we don’t need to check them manually. Therefore, installing a proper extension will help to get rid of cryptojacking malware.

Installing only trusted applications
Another big source of crypto mining malware is untrusted application…

Most Popular Authentication System And Their Problem, They Are No Longer Secure

Although there are lots of method and devices available for authentication, each of the authentication that we use has their own limitations. Below are the authentication systems that we are using and their limitations: Password ID and password are the most common and widely used authentication method. Although it is one of the widely used methods it carries huge security risk. One of the biggest problems with this system is that anyone can guess the password and can be shared knowingly or unknowingly. Also, the no. of the password will increase with the no. of service that user uses. It is insecure to use a single password for all the websites, so it is recommended to create a unique password for each website. Users cannot remember all the passwords that they have, and they might write it somewhere, which can later be leaked. The password can easily be stolen online by using phishing sites and can be stolen with keyloggers. We can create a strong password by using long characters, bu…

Best Practices to Avoid the Phishing Attacks

In my previous article, I posted about the phishing attacks and different types of phishing attacks. On this article, I will write about the best practices that will help us to control the phishing. Phishing can be prevented somehow if we do follow best practices for anti-phishing. Some of the best practices for anti-phishing are listed below.

Maintaining Firewall & IDs It is mandatory to maintain proper security infrastructure by installing and maintaining firewall and intrusion detection system. It should also provide security against malware. Awareness Awareness is one of the major things that we need to mitigate the phishing attack. New Intel Security study demonstrates that 97% of individuals can’t recognize phishing messages. Therefore, it is very important to make people aware of phishing. Updating Web Browser The web browser is one of the application software where users spend most of their time online, therefore, it must be regularly updated, and security patches must be ap…