EPISODE · Jun 23, 2020 · 1H 13M
68: Triton
from Darknet Diaries · host Jack Rhysider
A mysterious mechanical failure one fateful night in a Saudi Arabian chemical plant leads a cast of operational technology researchers down a strange path towards an uncommon, but grave, threat. In this episode, we hear how these researchers discovered this threat and tried to identify who was responsible for the malware behind it. We also consider how this kind of attack may pose a threat to human life wherever there are manufacturing or public infrastructure facilities around the world.A big thanks to Julian Gutmanis, Naser Aldossary, Marina Krotofil, and Robert M. Lee for sharing their stories with us.SponsorsThis episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.Sources https://www.fireeye.com/blog/threat-research/2019/04/triton-actor-ttp-profile-custom-attack-tools-detections.html https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html https://dragos.com/wp-content/uploads/TRISIS-01.pdf Video S4 TRITON - Schneider Electric Analysis and Disclosure Video S4 TRITON - Mandiant Analysis at S4x18 Video S4 TRITON - Reverse Engineering the Tricon Controller by Dragos Video S4 TRITON - A Report From The Trenches Video - Safety Orientation video for the Chemical Plant
What this episode covers
A mysterious mechanical failure one fateful night in a Saudi Arabian chemical plant leads a cast of operational technology researchers down a strange path towards an uncommon, but grave, threat. In this episode, we hear how these researchers discovered this threat and tried to identify who was responsible for the malware behind it. We also consider how this kind of attack may pose a threat to human life wherever there are manufacturing or public infrastructure facilities around the world. A big thanks to Julian Gutmanis, Naser Aldossary, Marina Krotofil, and Robert M. Lee for sharing their stories with us. Sponsors This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25. This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project. Sources https://www.fireeye.com/blog/threat-research/2019/04/triton-actor-ttp-profile-custom-attack-tools-detections.html https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html https://dragos.com/wp-content/uploads/TRISIS-01.pdf Video S4 TRITON - Schneider Electric Analysis and Disclosure Video S4 TRITON - Mandiant Analysis at S4x18 Video S4 TRITON - Reverse Engineering the Tricon Controller by Dragos Video S4 TRITON - A Report From The Trenches Video - Safety Orientation video for the Chemical Plant
NOW PLAYING
68: Triton
No transcript for this episode yet
Similar Episodes
Jun 25, 2026 ·105m
Jun 19, 2026 ·27m
Jun 18, 2026 ·107m
Jun 15, 2026 ·75m