POST Online Media Lite Edition


Schneider Electric says bug in its software exploited in hack

Staff Writer |
Schneider Electric said that hackers had exploited a flaw in its software in a watershed incident discovered last month that halted plant operations at an industrial facility.

Article continues below

News of the breach surfaced on December 14, when cyber security firms disclosed that hackers, likely working for a nation state, had invaded one of Schneider's Triconex safety systems. Neither Schneider nor cyber experts have identified the victim.

Schneider initially told customers it believed the hack did not exploit a bug in the Triconex system. The system is used in nuclear facilities, oil and gas plants, mining, water treatment facilities and other plants, to safely shut down industrial processes when hazardous conditions are detected.

While the victim's identity is unknown, one cyber security firm, Dragos, has said it occurred in the Middle East. Others have speculated it was in Saudi Arabia.

The attack drew intense scrutiny because it is the first report of a breach of the system for safely shutting down an industrial plant when adverse conditions are detected.

What to read next

Green EnviroTech and Schneider Electric in strategic partnership
Aveva confirms revised proposal from Schneider Electric
Equifax failed to install important security patch