C. Warren Axelrod

Schneider Targeted Yet Again

In an April 30, 2019 article by Danny Palmer with the title “Cybersecurity: The key lessons of the Triton malware cyberattack you need to learn,” available at https://www.zdnet.com/article/cybersecurity-the-key-lessons-of-the-triton-malware-cyberattack-you-need-to-learn/ the reporter describes how controllers from Schneider Electric’s Triconex Safety Instrument System are vulnerable to attack by Triton malware, but were only saved because the attackers made a mistake and accidentally triggered a plant shutdown.

But, shouldn’t these lessons already have been learned? Triconex safety controllers were the target of an August 2017 attack on a petrochemical plant in Saudi Arabia as described in an article, “A Cyberattack in Saudi Arabia has a Deadly Goal. Experts Fear Another Try,” by Nicole Perlroth and Clifford Krauss at https://www.nytimes.com/2018/03/15/technology/saudi-arabia-hacks-cyberattacks.html

Experts fear another try! Well, we just experienced another try. And again, we see an exhortation to learn lessons from the experience. It brings to mind the Pete Seeger lyric “When will they ever learn?” The answer appears to be “never.”

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*