The US FireEye company that provides cyberthreat intelligence services claimed that the Russian Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM) might be involved in cyberattacks with the use of Triton malware,
MOSCOW (Pakistan Point News / Sputnik - 24th October, 2018) The US FireEye company that provides cyberthreat intelligence services claimed that the Russian Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM) might be involved in cyberattacks with the use of Triton malware, which, in particular, was used to intrude into a Saudi Arabian petrochemical plant's database.
According to US media reports, Triton intrusion was used to compromise the database of the Saudi Arabian petrochemical plant and to cause an explosion at the facility in 2017. The cyberassault failed as hackers made a mistake in the computer code. The intrusion is thought to be the first ever case when the crackers managed to hack the security system of an industrial enterprise.
"FireEye Intelligence assesses with high confidence that intrusion activity that led to deployment of TRITON was supported by the Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM; a.k.a. ЦНИИХМ), a Russian government-owned technical research institution located in Moscow. The following factors supporting this assessment are further detailed in this post," the company said in a press release.
The company added that it had allegedly found traces proving that the TEMP.Veles group, which, FireEye claimed, is linked to Russia, tested versions of the malicious software.
"Investigation of this testing activity reveals multiple independent ties to Russia, CNIIHM, and a specific person in Moscow. This person's online activity shows significant links to CNIIHM," FireEye claimed, adding that the behavior patterns of the TEMP.Veles group point to Moscow time zone.
Meanwhile, John Hultquist, the director of intelligence analysis for FireEye, claimed in an interview with The Wall Street Journal newspaper released on Tuesday that the Russian government was behind the Triton intrusion.
Russia has repeatedly faced accusations of hacking attempts to influence the elections in other countries and interfere in their domestic affairs. Moscow has repeatedly denied the accusations as baseless.
