Slashdot Mirror
Russia Is Behind Cyberattack On Saudi Petrochemical Plant, Researchers Say (zdnet.com)
U.S. researchers from FireEye have linked a Russian research lab to a cyberattack on a Saudi petrochemical plant. The malware strain called Triton -- or Trisis -- "was designed to either shut down a production process or allow SIS-controlled machinery to work in an unsafe state," reports ZDNet, citing technical reports from FireEye, Dragos, and Symantec. From the report: The group behind the malware, which FireEye has been tracking under the codename of TEMP.Veles, nearly succeeded last year, when it almost caused an explosion at a Saudi petrochemical plant owned by Tasnee, a privately owned Saudi company, according to a New York Times report. The malware's origins were a mystery when FireEye first discovered Triton in 2017 and remained a mystery even after the New York Times report in March 2018.
But in a report published today, FireEye says that following further research into incidents where the Triton malware was deployed, it can now assess with "high confidence" that the Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM), a government-owned technical research institution located in Moscow, was involved in these attacks. FireEye's report does not link the Triton malware itself to CNIIHM, but the secondary malware strains used by TEMP.Veles and deployed during the incidents where Triton was deployed. Clues in these secondary malware strains used to aid the deployment of the main Triton payloads contained enough artifacts that allowed researchers to identify their source.
But in a report published today, FireEye says that following further research into incidents where the Triton malware was deployed, it can now assess with "high confidence" that the Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM), a government-owned technical research institution located in Moscow, was involved in these attacks. FireEye's report does not link the Triton malware itself to CNIIHM, but the secondary malware strains used by TEMP.Veles and deployed during the incidents where Triton was deployed. Clues in these secondary malware strains used to aid the deployment of the main Triton payloads contained enough artifacts that allowed researchers to identify their source.
Republican politicians should be targeting ALL potential voters
Nope. If they do that, they lose in the primaries to someone willing to focus on the base.
If you want moderate government, you should support open non-partisan primaries. Several states already have them, and middle-grounders tend to do well.
Open primaries in the United States
Which side am I supposed to be rooting for on in this one?
The side that doesn't kill or threaten journalists would be a good place to start.
Which immediately raises the question: Which side am I supposed to be rooting for on in this one?
That's the joke.jpg
Russia's already been threatening and killing journalists that have been thorns in their side, and now we see the Saudis are capable of doing that as well at an even more audacious level.
Russia has an interest in doing this on a purely economic level too, since Saudi Arabia is a dominant power in fossil fuel production and export, and Russia's economy is heavily dependent also on fossil fuel exports. Busting up the competition like this with cyberwarfare is a fairly obvious move in the amoral cartel world that these guys are operating in.