Hackers Have Spent Months On Breaching American Power Plants

Indira Datta - Jul 15, 2019



A group of hackers that compromised a Saudi oil facility two years ago has been trying to breach US power plants over the last few months.

Just recently, hackers of the Xenotime group attempted to infiltrate the systems of American utilities. Previously, in 2017, this group carried out a malicious attack with TRISIS/TRITON against safety equipment systems (SIS) at a Saudi oil base.


Dragos, a network security company, discovered Xenotime's efforts. Dragos said in its article that Xenotime has spent a lot of time exploring the factories in the United States during the past few months. Although there are currently no signs that any Xenotime attack has been successful, the expansion of this group's scope of activity is a definite concern for critical infrastructure.

Sergio Caltagirone, vice president of Threat Intelligence at Dragos, on Friday said that:

[Image: Capture]

According to MIT Technology Review, Xenotime's TRITON malware can disable safety systems in power plants, and it is also the code the group used to successfully attack the oil factory in Saudi Arabia. It's worth mentioning that Xenotime took a year to find a way to penetrate the oil factory's system, and this persistence makes the group formidable and troublesome to deal with.

Dragos wrote on their blog:

[Image: Capture]

Dragos advised power plants and other possible targets to invest more in new security systems, ones that enable them to regain control of the plant system when hackers successfully execute an attack, so that they can return to business as quickly as possible. Dragos noted:

[Image: Capture]
