The hacking group Xenotime, reported to be behind intrusions targeting facilities in the oil and gas industries, has started probing industrial control systems (ICSs) of power grids in the U.S. and the Asia-Pacific region.
Security researchers uncovered an additional intrusion by the threat actors behind 2017's TRITON malware, a dangerous and potentially destructive malware that targets the safety systems of industrial facilities.
TRITON, or TRISIS (detected by Trend Micro as TROJ_TRISIS.A), is a recently discovered malware that was designed to manipulate industrial safety systems and, most notably, was involved in shutting down an industrial plant’s operations.
Standard maintenance policies leave machinery vulnerable to attack. Both hardware and software are vulnerable when normal operations and security protocols are paused or switched to another mode so that updates or fixes can be applied.