Since Stuxnet first targeted and destroyed uranium enrichment centrifuges in Iran last decade, the cybersecurity world has waited for the next step in that digital arms race: Another piece of malicious software designed specifically to enable the damage or destruction of industrial equipment. That rare type of malware has now reappeared in the the Middle East. And this time, it seems to have the express intention of disabling the industrial safety systems that protect human life.
Security firm FireEye today has revealed the existence of Triton, a family of malware built to compromise industrial control systems. Although it’s not clear in what kind of industrial facility—or even what country—the sophisticated malware appeared in, it targets equipment that’s sold by Schneider Electric, often used in oil and gas facilities, though also sometimes