Notorious Triton/Trisis Cyberattacks on Energy Firms

Mar 28, 2022 | Security Advisory

The DoJ blamed four Russian government employees for cyberattacks actively targeting energy sector companies in 100+ countries.

Today, the US government unsealed two blockbuster charges handed down in 2021 concerning two major industrial system cyberattack campaigns that targeted the global energy sector between 2012 and 2018. Back in 2017, the infamous Triton/Trisis malware was used in an attack campaign that shut down Schneider Electric's SCADA systems at a chemical plant in Saudi Arabia.

Triton was one of the first known OT cyberattacks intended to inflict cyber-physical and life-threatening harm on its targets: the malware was designed to damage and deceive the Schneider security system, leaving defense controls unable to detect malicious activity in the ICS environment. The accused were charged with conspiracy, damage, and cyber fraud, which could bring 45 years in prison.


The information provided in the Arcane Security Advisory is provided "as is" without warranty of any kind. Arcane disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Arcane or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits, or special damages, even if Arcane or its suppliers have been advised of the possibility of such damages.

Tags: #security-advisory #cyberattack #ics
