Black Hat: Understanding TRITON, The First SIS Cyber Attack

Today at Black Hat USA I am part of a team speaking about the landmark TRITON malware attack. We are presenting new research on TRITON, releasing two tools to help defend against it and publishing a white paper summarizing our findings.

The TRITON malware attack went beyond other industrial cyber attacks by directly interacting with a Safety Instrumented System (SIS). Asset owners should act immediately to secure their SIS — and the information in our white paper will help.

Electric Grid Cyber Security: Ten Actions Utilities Can Do Now

Concerns about cyber attacks on the U.S. critical infrastructure have reached a new level with The Wall Street Journal reporting “an evolution in the U.S. government’s thinking about how to deter malicious cyberactors”.

Learn ten actions that can be taken quickly to monitor and secure the electrical grid against determined threat actors.

Russian Cyber Attacks on Critical Infrastructure: The “New Normal”

Concerns about Russian cyber attacks on U.S. electric utilities have increased again this week. The Wall Street Journal is reporting that such attacks have impacted hundreds of victims, not just the dozens reported earlier.

This news brings a new wave of concern about cyber attacks across the U.S. and beyond. If you are involved in this discussion, the following is a recap of what is known about the Russian cyber attacks and my thoughts on their significance and repercussions.

Thwarting a Power Grid Control Center Cyberattack

Based on recent reports of Russian involvement in a multistage intrusion of the US power grid, it’s no longer a question of “if” threat actors will gain access to critical infrastructure control systems – it’s when it will happen again, and for what purpose.

What can be done to thwart these potentially disruptive assaults?

Russian Cyberattacks on Critical Infrastructure – What You Need to Know

The U.S. government has just released an important cyber security alert that confirms Russian government cyberattacks targeting energy and other critical infrastructure sectors.

The cyber campaign described is not new, however; rather, it is likely an expanded version of the Dragonfly 2.0 playbook. The Nozomi Networks solution ships today with an analysis toolkit that identifies the presence of Dragonfly.