TRISIS Malware Analysis of Safety System Targeted Malware

December 13, 2018

In mid-November 2017, the Dragos, Inc. team discovered ICS-tailored malware deployed against at least one victim in the Middle East. The team identifies this malware as TRISIS because it targets Schneider Electric’s Triconex safety instrumented system (SIS), enabling the replacement of logic in final control elements. TRISIS is highly targeted and likely does not pose an immediate threat to other Schneider Electric customers, let alone other SIS products. Importantly, the malware leverages no inherent vulnerability in Schneider Electric products. However, the capability, methodology, and tradecraft shown in this very specific event may now be replicated by other adversaries and thus represent an addition to the threat models of industrial asset owners and operators.

Spotlight

Codenomicon

Codenomicon, now part of the Synopsys Software Integrity Group, is the global leader in advancing security and robustness. Our solutions work to strengthen business performance by finding and addressing the weakest security links. Based on the belief that transparency and intelligence will deliver strength to the Core of systems, networks and complex infrastructures, the systems developed and tested with Codenomicon are built for optimal security. Founded in 2001, Codenomicon has deep roots in academia, having been originally spun out from the Oulu University Secure Programming Group and its successful PROTOS research project. Today, Codenomicon offers a suite of solutions that empower organizations, governments, developers and users with the highest degree of visibility and reliability, targeting known and unknown threats and providing accurate and actionable intelligence.

OTHER WHITEPAPERS

Cisco’s Private 5G Solution Security Overview

whitePaper | October 12, 2022

Cisco’s Private 5G (P5G) solution, offered as a service, is designed to fit seamlessly into existing enterprise networks and provide private cellular networking capabilities for that enterprise. The solution builds on Cisco’s enterprise networking best practices and a clear understanding of enterprises’ understanding and expectations of private networks.


Cyber Security State of Tech in 2022

whitePaper | August 4, 2022

The Coronavirus pandemic accelerated technology adoption in ways thought unimaginable just a few short years ago. But in the background and often without much fanfare, cybercrime grew far worse. Threat actors continued their work – often backed by millions of dollars from hostile foreign governments – to penetrate networks and wreak havoc on digital infrastructures.


Log More to Improve Visibility and Enhance Security

whitePaper | September 29, 2022

As the amount of system log data grows exponentially, security teams and threat hunters routinely must limit how much they can collect and how long they can store it because of the performance limitations and costs associated with traditional log management tools.


Privileged Remote Access Security in Cloud Whitepaper

whitePaper | May 5, 2022

The purpose of this document is to help technically-oriented professionals understand the security-related value BeyondTrust can bring to your organization. BeyondTrust can help your organization stay secure and compliant, while improving the efficiency and success of your organization with a better user experience.


Understanding Ransomware and Strategies to Defeat it

whitePaper | March 5, 2020

Held Hostage in Hollywood: In February 2016 the Hollywood Presbyterian Medical Center, in Los Angeles, paid a ransom of about US$17,000 to hackers who infiltrated and disabled its computer network with ransomware. The hospital paid the ransom of 40 Bitcoins (currently worth about $16,664) after a “network infiltration” began on February 5, when employees reported being unable to access the hospital’s network and electronic medical records system. “The malware locked access to certain computer systems and prevented us from sharing communications electronically,” said hospital CEO Allen Stefanek.


Threat Connect Cyber Survey Report

whitePaper | January 4, 2022

Whether you are in financial services, farming, or public infrastructure, the security threat to organizations has never been greater. Today, almost every company is a technology company in some shape or form and this can be a soft underbelly - open to attack. Cyber risk is the fastest-growing risk faced by businesses globally. A wide range of statistics and sources make it clear that attackers have become even more proficient over recent years, using automation to exploit vulnerabilities at an accelerated pace and frequency. Threats are even more widespread and complex than before.
