TRITON - Cyber Security Review

INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Multiple Industrial Control Systems

Posted onApril 13, 2022April 21, 2022

In early 2022, Mandiant, in partnership with Schneider Electric, analyzed a set of novel industrial control system (ICS)-oriented attack tools—which we call INCONTROLLER (aka PIPEDREAM)—built to target machine automation devices. The tools can interact with specific industrial equipment embedded in Read More …

TRITON Malware Remains Threat to Global Critical Infrastructure Industrial Control Systems (ICS)

Posted onMarch 24, 2022March 29, 2022

The FBI is warning that the group responsible for the deployment of TRITON malware against a Middle East–based petrochemical plant’s safety instrumented system in 2017, the Russian Central Scientific Research Institute of Chemistry and Mechanics (TsNIIKhM), continues to conduct activity Read More …

Hacking Operational Technology for Defense: Lessons Learned From OT Red Teaming Smart Meter Control Infrastructure

Posted onApril 13, 2021April 14, 2021

High-profile security incidents in the past decade have brought increased scrutiny to cyber security for operational technology (OT). However, there is a continued perception across critical infrastructure organizations that OT networks are isolated from public networks—such as the Internet. In Read More …

USB threats to ICS systems have nearly doubled

Posted onApril 1, 2021April 8, 2021

The latest Honeywell USB Threat Report 2020 indicates that the number of threats specifically targeting Operational Technology systems has nearly doubled from 16% to 28%, while the number of threats capable of disrupting those systems rose from 26% to 59% Read More …

US Treasury sanctions Russian research institute behind Triton malware

Posted onOctober 23, 2020January 1, 2021

The US Treasury Department announced sanctions today against a Russian research institute for its role in developing Triton, a malware strain designed to attack industrial equipment. Sanctions were levied today against the State Research Center of the Russian Federation FGUP Read More …

NSA Urgently Warns on Industrial Cyberattacks, Triconex Critical Bug

Posted onJuly 24, 2020January 1, 2021

The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert warning that adversaries could be targeting critical infrastructure across the U.S. Separately, ICS-CERT issued an advisory on a critical security bug in Read More …

Trisis has the security world spooked, stumped and searching for answers

Posted onJanuary 16, 2018March 23, 2021

More than four months have passed since a novel, highly sophisticated piece of malware forced an important oil and gas facility in the Middle East to suddenly shut down, but cybersecurity analysts still don’t know who wrote the code. Since Read More …

Triton Malware Targets Industrial Control Systems in Middle East

Posted onDecember 15, 2017December 17, 2017

Researchers found malware called Triton on the industrial control systems of a company located in the Middle East. Attackers planted Triton, also called Trisis, with the intent of carrying out a “high-impact attack” against an unnamed company with the goal Read More …