US sanctions Russian institute over malware used in 2017 attack

US sanctions Russian institute over malware used in 2017 attack


Washington: The U.S. Treasury Department announced on Friday that it will impose sanctions on a Russian research organization, which it said was related to the powerful malware Triton used to damage Saudi petrochemical plants in 2017.

The Ministry of Finance stated that the Russian government’s Central Institute of Chemical and Mechanical Sciences “has ties” with Triton and is responsible for “building custom tools” to achieve the 2017 attacks.

But this did not blame Triton himself or the attack on the Russian Institute.

“The Russian government continues to engage in dangerous cyber activities aimed at the United States and our allies,” Treasury Secretary Steven Mnuchin said in a statement.

“This administration will continue to aggressively defend the critical infrastructure of the United States from anyone attempting to disrupt it.”

Triton is malicious software designed to attack industrial control systems in power plants and industrial plants. Its target is a widely used controller manufactured by Schneider Electric.

According to cybersecurity companies, it can be designed to shut down the system or make the system operate in an unsafe or destructive mode.

According to the Ministry of Finance, the Triton malware was initially deployed at the petrochemical plant through phishing technology.

According to data from the U.S. Department of the Treasury, in 2019, attackers using malware scanned and detected at least 20 vulnerabilities in U.S. power companies.

The sanctions prohibit Americans or American organizations from conducting business with designated agencies, and freeze any assets they may own within the jurisdiction of the United States.

The sanctions were announced the day after the cybersecurity organization Fireeye kidnapped Triton from the Moscow-based research institute and an unknown specific person who was closely linked to the research.

It pointed out that the two research departments of the study have extensive experience in the development of critical infrastructure, corporate security and weapons/military equipment.

You may also like