TRITON or TRISIS (detected by Trend Micro as TROJ_TRISIS.A) is a recently discovered malware that was designed to manipulate industrial safety systems and most notably was involved in shutting down an industrial plant’s operations.
Standard maintenance policies leave machinery vulnerable to attack. Both hardware and software are vulnerable when normal operations and security protocols are paused or switched to another mode so that updates or fixes can be applied.
A complete discussion of the different vulnerability categories, including case studies of vulnerable SCADA HMIs. The paper also provides a guide for vulnerability researchers, as well as vendors on quick and efficient bug discovery.
With a little SDR knowledge and a $20 USB dongle, attackers can read unencrypted pager messages from far away. This time, we look at what that means for nuclear plants, HVAC, manufacturers and other industries still using pagers.
By analyzing ICS-CERT advisories and the vulnerabilities provided by our network of world-wide researchers working with the Zero Day Initiative program, it is possible to get an understanding of the attack surface that is exposed by HMI solutions.
To compete in today’s market driven global economy, businesses opt for control systems that automatically manage processes. ICS enables efficiency, but are connected, heightening threat exposure and corresponding business risks.