4×19 — Miami — New details have emerged about the 2017 Triton/Trisis cyberattack on a Middle East plant’s safety instrumentation system — including a missed opportunity to squash it two months earlier than its ultimate discovery, according to an ICS security expert who assisted in the incident response.
New information also shows that the attackers infected six engineering systems, not just two as investigators had reported, said Julian Gutmanis, who was working out of a major oil and gas organization in Saudi Arabia at the time of the attacks, in a presentation here at S4. The publicly revealed attack on Aug. 7, 2017, was not the first incident suffered by the victim at the hands of the Triton/Trisis attackers, he said.
By Kelly Jackson Higgins
To read the full article click here.