Black Hat: Understanding TRITON, The First SIS Cyber Attack

Black Hat: Understanding TRITON, The First SIS Cyber Attack

Today at Black Hat USA I am part of a team speaking about the landmark TRITON malware attack. We are presenting new research on TRITON, releasing two tools to help defend against it and publishing a white paper summarizing our findings.

The TRITON malware attack went beyond other industrial cyber attacks by directly interacting with a Safety Instrumented System (SIS). Asset owners should act immediately to secure their SIS — and the information in our white paper will help.

SCADA Cyber Security for an Industry 4.0 Oil and Gas Application

SCADA Cyber Security for an Industry 4.0 Oil and Gas Application

If you’re boots-on-the-ground dealing with the daily oil and gas challenges of control and automation, you’ve likely heard lots about Industry 4.0, the fourth wave of industrial revolution. Given the inter-connection between more and more devices and commercially marketed systems, the cyber security challenges of this phase of automation are daunting.

To overcome these hurdles, let’s examine how an application that’s been around for a long time – hosted SCADA, can be monitored for cyber security, data integrity and reliability.

$15 Million Investment Fuels Nozomi Networks Future Growth

$15 Million Investment Fuels Nozomi Networks Future Growth

We are excited to announce that our company has received $15 million in Series B financing, led by new investor Invenergy Future Fund.

This investment recognizes Nozomi Networks extraordinary accomplishments, demonstrates confidence in our future, and reflects the growing ICS cyber security market.

Let’s take a closer look at the reasons behind today’s announcement, and our company’s outlook as we enter 2018.

New TRITON ICS Malware is Bold and Important

New TRITON ICS Malware is Bold and Important

FireEye has reported that it has recently worked with an industrial operator whose facility was attacked by a new type of ICS malware, which they are calling TRITON. The attack reprogrammed a facility’s Safety Instrumented System (SIS) controllers, causing them to enter a failed state, and resulting in an automatic shutdown of the industrial process.

The TRITON attack is bold and notable because it is the first known industrial control system (ICS) attack that has targeted and impacted not just an ICS, but SIS equipment. Fortunately, because of the unique nature of how each plant implements its SIS and overall safety measures, the malware is not readily scalable.