‘Triton’ malware targeting North American companies next?
The internet of things (IoT), which broadly refers to the interconnectedness of devices via the internet, has become a highly discussed topic over the past few years as household items ranging from coffee makers to vacuums are now able to send and receive data over the internet. Specifically, a phenomenon known as the ‘industrial IoT’ has exploded, as facilities and plants around the world are increasingly enabling internet connectivity in a range of equipment. Cyber criminals developed Triton – a malware specifically designed to, among other things, bypass and allow hackers to take over safety instrumented systems - the last line of defense within a manufacturing or critical infrastructure plant. These safety systems are meant to respond if dangerous conditions are detected, shutting systems down or returning processes to safe levels. The full effect of this cyber-physical threat was on display at a petrochemical plant in Saudi Arabia in the summer of 2017, where, for the first time, the cybersecurity world witnessed the effect of Triton. While the malware was ultimately disabled, it left many wondering what could have been – there’s no doubt among experts that the impact could have been devastating. If hackers had overridden safety systems and simultaneously triggered an unsafe situation in the plant, widespread bodily injury and property damage would surely have resulted.
Safety instrumented systems are found in companies ranging from nuclear power stations to water treatment facilities. And, according to cybersecurity investigators, there is evidence that the hackers who built Triton are researching targets in North America. Cyber liability insurance can provide valuable first and third-party coverage in the event of an actual or suspected cyber security breach, including indemnity for breach response costs, lost profit and extra expenses if business interruption results, and expenses to recreate lost data. If confidential third party corporate or personal identifiable information (PII) is compromised, or your network transmits malicious code to a third party or participates in a denial of service attack, a cyber insurance policy can provide legal defense costs, settlement and judgment amounts in the event of a lawsuit. While bodily injury and property damage resulting from a cyber security breach have historically been excluded under a cyber liability insurance policy, insurers are increasingly providing creative solutions to cover this risk. If your organization faces a high IoT risk that could result in bodily injury or property damage, speak to an experienced cyber broker to advise on potential risk transfer solutions.