[Video] Hunting for Xenotime, Creators of TRITON-TRISIS ICS Malware

October 31, 2018

Presented at SecurityWeek’s 2018 ICS Cyber Security Conference

Speakers:

  • Robert Lee – CEO, Dragos
  • Marc Seitz – Threat Analyst, Dragos

The activity group responsible for the TRISIS/TRITON malware is identified as XENOTIME. After the 2017 attack on the safety instrumented system, the group remained active, targeting other environments with different safety systems in other regions of the world. Hunting for this group's behaviors allows defenders not only to search for existing threats but also to identify new threats that leverage such behaviors, and to prepare confidently to detect and respond to such incidents. In this presentation, audience members heard unique insights into the threat and how the Threat Hunt Cycle can be leveraged to provide actionable recommendations on building a collection management framework and applying hypothesis-led threat hunting to test their collection, while creating playbooks for identifying and responding to attacks effectively and efficiently.

