In a new article from Wired, reporters share information from the S4 ICS Security Conference, where Schneider Electric revealed more details about the Triton Malware, and the steps they have taken to safeguard customers. some interesting notes from the talk:
- Triton is only the third documented malware specifically targeted toward industrial control systems.
- The malware exploits a previously unknown Zero-day vulnerability.
- A city-state actor is suspected, though there has been no speculation as to which is involved.
- The attacker had both knowledge of Schneider Electric software and plant architectures.
Schneider Electric has not said which customer was affected, but has said that they are located in the Middle East.
According to the article, “Analysts have largely lauded Schneider’s response and transparency, noting that addressing these types of vulnerabilities takes extensive, multinational cooperation across the security industry.”
Read more about Schneider Electric’s response and the Triton Malware here: