TRITON or TRISIS (detected by Trend Micro as TROJ_TRISIS.A) is a recently discovered malware that was designed to manipulate industrial safety systems and most notably was involved in shutting down an industrial plant’s operations.
Standard maintenance policies leave machinery vulnerable to attack. Both hardware and software are vulnerable when normal operations and security protocols are paused or switched to another mode so that updates or fixes can be applied.
A complete discussion of the different vulnerability categories, including case studies of vulnerable SCADA HMIs. The paper also provides a guide for vulnerability researchers, as well as vendors on quick and efficient bug discovery.
With a little SDR knowledge and a $20 USB dongle, attackers can read unencrypted pager messages from far away. This time, we look at what that means for nuclear plants, HVAC, manufacturers and other industries still using pagers.
By analyzing ICS-CERT advisories and the vulnerabilities provided by our network of world-wide researchers working with the Zero Day Initiative program, it is possible to get an understanding of the attack surface that is exposed by HMI solutions.