Schneider Electric says bug in its software exploited in hack
News of the breach surfaced on December 14, when cyber security firms disclosed that hackers, likely working for a nation state, had invaded one of Schneider's Triconex safety systems. Neither Schneider nor cyber experts have identified the victim.
Schneider initially told customers it believed the hack did not exploit a bug in the Triconex system. The system is used in nuclear facilities, oil and gas plants, mining, water treatment facilities and other plants, to safely shut down industrial processes when hazardous conditions are detected.
While the victim's identity is unknown, one cyber security firm, Dragos, has said it occurred in the Middle East. Others have speculated it was in Saudi Arabia.
The attack drew intense scrutiny because it is the first report of a breach of the system for safely shutting down an industrial plant when adverse conditions are detected. ■