Menu
Hackers exploit security flaw in Schneider Electric software

Hackers exploit security flaw in Schneider Electric software

News of the breach surfaced on 14 December when hackers invaded one of Schneider's Triconex safety systems

Schneider Electric said that hackers had exploited a flaw in its software in a watershed incident discovered last month that halted plant operations at an industrial facility.

News of the breach surfaced on 14 December when cyber security firms disclosed that hackers, likely working for a nation state, had invaded one of Schneider's Triconex safety systems. Neither Schneider nor cyber experts have identified the victim.

Schneider initially told customers it believed the hack did not exploit a bug in the Triconex system. The system is used in nuclear facilities, oil and gas plants, mining, water treatment facilities and other plants, to safely shut down industrial processes when hazardous conditions are detected.

While the victim's identity is unknown, one cyber security firm, Dragos, has said it occurred in the Middle East. Others have speculated it was in Saudi Arabia.

The attack drew intense scrutiny because it is the first report of a breach of the system for safely shutting down an industrial plant when adverse conditions are detected.

Cyber experts have identified it as a watershed incident because it demonstrates how hackers might cause physical damage to a plant, or even kill people, by shutting down safety systems before attacking industrial processes.

Schneider said in a customer advisory released on Thursday that hackers had exploited a previously unknown vulnerability in a small number of older versions of Triconex software that allowed them to install a remote-access Trojan as "part of a complex malware infection scenario."

The advisory urged customers to follow previously recommended protocols for securing Triconex systems, which it said would have blocked the attack.

The malware is capable of scanning and mapping an industrial network to provide reconnaissance, and can also give hackers remote control over those systems, the advisory says.

Schneider said it was developing tools to identify and remove the malware, which are expected to be released in February.

The company plans to release a software update to fix the security bug, Schneider's Global Cyber Security Architect Paul Forney said in an interview on the sidelines of the S4 security conference in Miami Beach, Florida. He declined to say when it would be available.

Forney discussed the malware in a Thursday morning session at S4.

One of Schneider's rivals, ABB Ltd, last month urged its customers to look out for attacks, saying that hackers might use similar approaches to target any type of safety system.

(Editing by Andrea Ricci and Bernadette Baum)


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags softwareSchneider Electric

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments