Share with Your Network
FireEye reports a significant attack on an unnamed industrial plant (Reuters, quoting Dragos, calls it a “watershed” event). The attacker hit Triconex industrial safety technology supplied by Schneider, a system widely used in the energy sector, including oil and gas, and nuclear power generation. Dragos says the affected plant was in the Middle East; CyberX says it’s in Saudi Arabia.
FireEye suggests there’s evidence the attackers were working on behalf of a nation-state. It thinks the attack may have been reconnaissance gone awry. The hackers appear to have inadvertently tripped safety systems into fail-safe mode, thereby shutting down plant operations. It’s good the systems failed safe as opposed to failing deadly, but the possible implications of the reconnaissance are disturbing, since it seems to have been aimed at learning how to disenable safety systems during an attack.
TVs are found vulnerable. First, TripWire researchers have determined that many Android set-top boxes run old and insecure versions of Android, opening them to exploitation. Second, Trend Micro has disclosed that the Linksys WVBR0-25, the wireless video bridge DirecTV’s parent AT&T provides customers, is susceptible to remote code execution. Trend Micro disclosed the issue to Linksys six months ago. They’re going public with it because, they say, Linksys has both failed to fix the problem and ceased talking with the researchers who found it.
Anonymous, unhappy with the US decision to move its embassy in Israel to Jerusalem, has called for worldwide unremitting attacks on Israeli and US government sites. (Nothing so far.)