June 14 (UPI) — A group of hackers has targeted the U.S. power grid over the past several months but has so far been unable to trigger any outages or other incidents, a cybersecurity firm said in an analysis Friday.
The company, Dragos, has been tracking the hacker group known as Xenotime or the Triton actor for months as it scans the U.S. electrical grid looking for weaknesses. The group is known for its Triton malware, which was responsible for disabling the cybersecurity systems at Saudi Arabia’s Petro Rabigh oil refinery in 2017.
Dragos called the Triton malware the “most dangerous threat to” industrial control systems.
The cybersecurity company said so far the hacker group has been unable to access any power grid systems. The scanning could be an indication of an attack to come, though, especially since the hackers have been successful in Saudi Arabia.
“Xenotime expressing consistent, direct interest in electric utility operations is a cause for deep concern given this adversary’s willingness to compromise process safety — and thus integrity — to fulfill its mission,” a Dragos blog post said.
The company encouraged U.S. electrical companies to boost their cybersecurity to prevent a potential future attack.