Skip to main content
close search
site logo
Dive Brief

Breach of popular control system for power plants shows increasing hacker sophistication

Published Dec. 20, 2017
Robert Walton's headshot
Senior Reporter
Getty

Dive Brief:

  • Schneider Electric SE and cybersecurity firm FireEye have confirmed that hackers breached industrial control systems at an unnamed facility, marking the first time safety systems at an industrial plant have been compromised.
  • Though the targeted facility was not named, the plant is reportedly located in the Middle East. 
  • According to Reuters, attackers successfully took over a workstation running Triconex, a safety system developed by Schneider Electric. Hackers attempted to reprogram parts of the system, triggering a plant shutdown.

Dive Insight:

Attempted cyberattacks targeting the electric industry are a daily occurrence, but this new incident, possibly in Saudi Arabia, highlights how much more sophisticated hackers are becoming.

“This is a watershed,” Sergio Caltagirone, head of threat intelligence at security firm Dragos, told Reuters. "Others will eventually catch up and try to copy this kind of attack.” According to Power Engineering, this is just the third time malware has been used to disrupt an industrial process, but more attempts are expected.

Morgan Lewis & Bockius LLP has predicted that "because of the destructive potential of these types of breaches, critical electric and other utility infrastructure will remain highly-prized targets for future cyberattacks." The firm also expects electric utilities will begin to receive data requests or informal outreach from federal regulators "in the near future to determine whether those utilities have similar equipment that could be exploited, and if so, what steps they have taken to mitigate the threat."

Cybersecurity has become a major focus for the electric industry. Last month, the North American Electric Reliability Corp. held its biennial GridEx exercise, where utilities and grid operators run through their crisis plans, coordinating responses and reassuring customers as they rush to respond to a simulated attack.

A recent report from consulting firm Accenture found more than three quarters of utility executives in North America believe a cyberattack is likely in the next five years. Those results mirrored results from Utility Dive's 2017 survey of utility professionals, which found cyber and physical grid security to be the most pressing issue facing the industry.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
General Atlantic’s BeyondNetZero Fund and TA Partner to Drive Continued Growth of Technosylva
From Technosylva
November 21, 2024
TESCO Solidifies Leadership in Electric Meter and EV Charging Station Accuracy
From TESCO - The Eastern Specialty Company
November 12, 2024
Cooling Towers Go Green: Clear Comfort Unveils New AOP Water Treatment Systems
From Clear Comfort
November 12, 2024
Puget Sound Energy Maximizes Consumer Participation in Rates Engagement Pilot Powered by Uplig…
From Uplight
November 12, 2024
Editors' picks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell