EPISODE · Oct 28, 2022 · 42 MIN
Joe Slowik on TRITON Malware, XENOTIME Hacking Group
from Nexus: A Claroty Podcast · host Claroty
Joe Slowik, threat intelligence and detections lead at Gigamon, joins the podcast to discuss the XENOTIME hacking group, the entity believed to be responsible for the 2017 Triton attack. Triton was deployed within a petrochemical facility in Saudi Arabia and triggered a fault in the Schneider Electric Triconex Safety Instrumented Systems that initiated a shutdown of the plant. The Triton intrusion and malware deployment could have been much worse, resulting in harmful physical consequences and loss of life. Slowik's recent Virus Bulletin paper and presentation describes the complex ecosystem behind XENOTIME, its connections to Russian intelligence, and the tooling it built enabling the Triton attack and deployment.One question does linger: Who wrote Triton?
What this episode covers
Joe Slowik, threat intelligence and detections lead at Gigamon, joins the podcast to discuss the XENOTIME hacking group, the entity believed to be responsible for the 2017 Triton attack. Triton was deployed within a petrochemical facility in Saudi Arabia and triggered a fault in the Schneider Electric Triconex Safety Instrumented Systems that initiated a shutdown of the plant. The Triton intrusion and malware deployment could have been much worse, resulting in harmful physical consequences a...
NOW PLAYING
Joe Slowik on TRITON Malware, XENOTIME Hacking Group
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.