TRITON Attacker Disrupts ICS Operations, While Botching Attempt to Cause Physical Damage

Cyberattacks that cause physical damage to critical infrastructure—like the Stuxnet campaign that destroyed nearly 1,000 centrifuges at an Iranian uranium enrichment facility in 2010—have been relatively rare because of how difficult they are to carry out. That may be changing.

A threat actor with possible nation-state backing recently disrupted operations at a critical infrastructure facility while trying to reprogram a system used to monitor the safety of industrial control systems (ICS) at the location, using custom malware named TRITON.

Read more about the discovery of TRITON malware on DarkReading.
