The Russian-owned Central Scientific Research Institute of Chemistry and Mechanics supported the development and injection of the TRITON malware that intruded in an industrial plant last year in Saudi Arabia, according to a new assessment by cybersecurity firm FireEye.
Why it matters: FireEye assessed last year that the attack was intended to cause physical damage by preventing Schneider Electric equipment from operating properly, and given how widely the equipment is used, it means the attack could potentially be deployed around the globe, per the New York Times. FireEye doesn’t go so far as to peg Russia responsible for the malware itself, but it does explain that Russia is behind the intrusion that allowed the malware to be injected and that the institute supported the malware’s testing.