An oil factory in Saudi Arabia was damaged by malicious software

Cyber attacks can cause business headaches and lost revenue. However, malware discovered by a Saudi Arabian petrochemical company at the factory in August was designed to destroy equipment and could result in an explosion that destroyed the entire plant. According to investigators, the only reason for the failure was due to a flaw in the offending code that caused the system to shut down. If the malware is written correctly, the consequences will be disastrous.

It is believed that political motives may be the reason for this kind of attack. Because of the complexity of the attack code, I believe there is hostile government support behind it. Since the entire industry uses the same industrial controller, it is feared that the same attack may be launched on other chemical processing facilities. Schneider Electric has sold more than 13,000 Triconex safety control systems that are vulnerable.

Software analysis shows that no code has been found on any other system to date. In order to design the malware used, it is almost essential that developers have early access to the Triconex security system components for testing. Investigators said that the price of the required parts on eBay is about $40,000.

United States government entities and private security company Mandiant are still dealing with this incident. The National Security Agency, the Federal Bureau of Investigation, the Department of Homeland Security, and the Defense Advanced Research Projects Agency (DARPA) are all working hard to gather as much information as possible. Although there is little information on how the attack actually works, it is believed that malicious code can be injected remotely, making the threat of another attack high.

Source: NYTimes