In recent years, we as practitioners have experienced an explosion of threats and exploits targeting ICS/SCADA/IIoT systems, and those threats have become more and more complex as the nature of the adversary has been become more sophisticated. Attacks by nation state actors, as well as common cyber criminals are beginning to show impact, as there are multiple motives at play: damage/disruption, AND financial gain. Just when we thought that ransomware was the coup de guar enter TRISIS (or TRITON), which flips on its edge the common defensive strategies and mechanisms by which we protect critical processes and subsequently the systems that help to prevent the loss of human life. In this talk, we will discuss a) what TRISIS/TRITON is, b) What it does/is capable of, and c) why is this such a game changer in the defense of ICS/SCADA/IIoT systems and the critical processes they support.

Recorded at NolaCon 2018