TRITON Malware Targets Physical Infrastructure
Return To ArticleSecurity researchers have uncovered another nasty piece of malware designed specifically to target industrial control systems (ICS) with a potential to cause health and life-threatening accidents.
Dubbed Triton, also known as Trisis, the ICS malware has been designed to target Triconex Safety Instrumented System (SIS) controllers made by Schneider Electric—an autonomous control system that independently monitors the performance of critical systems and takes immediate actions automatically, if a dangerous state is detected.
Triton leverages the proprietary TriStation protocol, which is an engineering and maintenance tool used by Triconex SIS products and is not publicly documented, suggesting that the attackers reverse engineered it when creating their malware.
