ICS malware Triton attack and countermeasures


Jin-woo Myung ; Sunghyuck Hong, Vol. 3, No. 2, pp. 13-17, Jun. 2019
DOI: 10.22662/IJEMR.2019.3.2.013
Keywords: TRITON, ICS, SIS, IT Network, OT Network

Abstract

Background/Objectives: Triton is the world’s most serious malware, and it is now spreading across networks. Hackers have deployed malicious code, or malware, that lets them take over a plant’s safety instrumented systems.

Methods/Statistical analysis: In this study, the research on the TRITON attack and its countermeasures is structured as follows. It describes TRITON and its attack method, the attack type of TRITON, and explains the structure of a simple ICS and the countermeasures against TRITON.

Findings: These physical controllers and their associated software code are the last line of defense against life-threatening crises. Many factories now perform automated processes using computers. However, in 2017 an attack aimed at such processes emerged. We have detected that a malicious program is installed in the emergency safety device. All of the automation equipment used at these industrial sites is called ICS, and Triton is one of the malicious codes targeting these ICSs.

Improvements/Applications: After choosing a target, the attacker accesses the IT and OT networks, installs backdoors in the computer network, and then accesses the target safety instrumented system (SIS) controller in the OT network while scouting the network, moving laterally through the internal network, and maintaining access. The attacker uses a secure shell (SSH) based tunnel to deliver the attack tool and execute remote commands of the program. Therefore, we proposed countermeasures against ICS malware to prevent Triton attacks.



Cite this article
[APA Style]
Jin-woo Myung ; Sunghyuck Hong (2019). ICS malware Triton attack and countermeasures. International Journal of Emerging Multidisciplinary Research, 3(2), 13-17. DOI: 10.22662/IJEMR.2019.3.2.013.

[IEEE Style]
J. Myung and S. Hong, "ICS malware Triton attack and countermeasures," International Journal of Emerging Multidisciplinary Research, vol. 3, no. 2, pp. 13-17, 2019. DOI: 10.22662/IJEMR.2019.3.2.013.

[ACM Style]
Jin-woo Myung ; Sunghyuck Hong. 2019. ICS malware Triton attack and countermeasures. International Journal of Emerging Multidisciplinary Research, 3, 2, (2019), 13-17. DOI: 10.22662/IJEMR.2019.3.2.013.