TRITON’s Tactics and Techniques in the Enterprise domain + mitigations – Part 3

TRITON's tactics and technics

In part 3 of the TRITON tactics and technics series come the Defense Evasion techniques which seek to help the malware bypass defensive tools’ detection. These techniques have been mapped by MITRE ATT&CK in their universally renowned knowledge base of adversary tactics and techniques based on real-world observations.

As a reminder, TRITON malware was first identified during an attack on a Saudi Arabian petrochemical plant facility in the year 2017 and it targets Schneider Electric’s Triconex Tricon controllers. This was the first time in history that safety instrumented systems were targeted with the intention to fail, potentially leading to serious damage to property and humans.

TRITON's Defense Evasion technics


Next week, we will present the Credential Access Techniques of the TRITON malware.



About this article

This article was based on a Cybersecurity Advisory by CISA. You can read the full CSA here.

Dodaj komentarz


Submit a Comment

Your email address will not be published. Required fields are marked *