Hackers behind the world’s deadliest code are probing US power firms

A group called Xenotime, which began by targeting oil and gas facilities in the Middle East, now has electrical utilities in the US and Asia in its sights.
The news: Industrial cybersecurity firm Dragos says it has uncovered evidence that Xenotime has been laying the early groundwork for potential attacks on power companies in the US and elsewhere. The hackers have been testing password defenses and trying to steal login credentials from employees since the end of 2018.
Safety threat: Xenotime is the group behind Triton—code that can disable safety systems that are the last line of defense against serious industrial accidents. The malware was discovered in a Saudi petrochemical plant in 2017 before it could cause any damage. Cybersecurity experts say it can be used to attack safety controls in everything from dams to nuclear power plants.
The good news: Dragos believes the probing of US and Asian targets is still at a very early stage, and the firm hasn’t found any sign—so far—that the Xenotime group has been able to penetrate systems and introduce the Triton malware.
The not-so-good news: The hackers, who some security experts suspect may be linked to the Russian government, are patient and persistent. They spent more than a year worming their way into the Saudi plant’s systems and putting the Triton malware in place.
Deep Dive
Computing
A chip design that changes everything: 10 Breakthrough Technologies 2023
Computer chip designs are expensive and hard to license. That’s all about to change thanks to the popular open standard known as RISC-V.
Modern data architectures fuel innovation
More diverse data estates require a new strategy—and the infrastructure to support it.
Chinese chips will keep powering your everyday life
The war over advanced semiconductor technology continues, but China will likely take a more important role in manufacturing legacy chips for common devices.
The computer scientist who hunts for costly bugs in crypto code
Programming errors on the blockchain can mean $100 million lost in the blink of an eye. Ronghui Gu and his company CertiK are trying to help.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.