Pipedream Malware: Feds Uncover ‘Swiss Army Knife’ for Industrial System Hacking | WIRED


Malware created to target industrial control systems like power grids, factories, water utilities, and oil refineries represents an uncommon type of digital badness. When the United States federal government warns of a piece of code constructed to target not just one of those industries, but possibly all of them, critical infrastructure owners around the world need to take notice.

Dragos states the malware has the capability to hijack target devices, disrupt or prevent operators from accessing them, completely brick them, or even use them as a foothold to give hackers access to other parts of an industrial control system network. The CISA advisory includes a list of measures that infrastructure operators need to take to secure their operations, from restricting industrial control systems' network connections to implementing monitoring systems, for ICS systems in particular, that send out alerts for suspicious behavior.

When WIRED reached out to Schneider Electric and OMRON, a Schneider representative responded in a statement that the company has worked closely with the United States federal government and security company Mandiant and that they together "identified and developed protective measures to protect against" the newly revealed attack toolkit. OMRON didn't immediately respond to WIRED's request for comment.

The discovery of the Pipedream malware toolkit represents an uncommon addition to the handful of malware specimens found in the wild that target industrial control systems (ICS) software. The next year, Kremlin-linked hackers infected systems at the Saudi Arabian oil refinery Petro Rabigh with a piece of malware known as Triton or Trisis, which was designed to target its safety systems, with potentially catastrophic physical repercussions, but instead triggered two shutdowns of the plant's operations.


