Apr 10, 2019

Second target hit by notorious TRITON malware

Joe Uchill

Statue of Triton, son of Neptune, Nicola Salvi's Trevi Fountain, Italy. Photo: DeAgostini/Getty Images

The attackers who launched TRITON, a notorious industrial-system-focused malware only known to have been used once, have struck a second target, according to researchers at FireEye presenting at the Kaspersky Lab SAS Summit in Singapore.

Why it matters: FireEye was the first to discover TRITON, which startled researchers by amassing an uncommon amount of control over industrial systems. Due to a mistake in the attack, it inadvertently led to a plant shutdown and nearly caused a deadly explosion. While no one expected TRITON to be a one-time affair, its resurgence is jarring.

Background: The victim of the first attack was not identified by FireEye, but a harrowing account of the attack in E&E News revealed it to be the Petro Rabigh refinery in the Red Sea.

  • FireEye later attributed the design of components of the TRITON malware to a research institute in Moscow.

Details: The new victim, also not identified by FireEye, revealed the use of hacking tools not seen in the first attack.

  • The tools appear to date from as far back as 2014, though FireEye has never seen them in use in the past.
  • FireEye reported indicators and recommended techniques defenders can use to identify and thwart future TRITON attacks.
  • "[W]e strongly encourage industrial control system (ICS) asset owners to leverage the indicators, TTPs [tactics, techniques and procedures], and detections," FireEye wrote in its official report.

Go deeper

Axios

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 9 p.m. ET: 857,487 — Total deaths: 42,107 — Total recoveries: 178,034.
  2. U.S.: Leads the world in confirmed cases. Total confirmed cases as of 9 p.m. ET: 188,172 — Total deaths: 3,873 — Total recoveries: 7,024.
  3. Business updates: Should you pay your rent or mortgage during the coronavirus pandemic? Find out if you are protected under the CARES Act.
  4. Public health updates: More than 400 long-term care facilities across the U.S. report patients with coronavirus — Older adults and people with underlying health conditions are more at risk, new data shows.
  5. Federal government latest: President Trump said the next two weeks would be "very painful," with projections indicating the virus could kill 100,000–240,000 Americans.
  6. U.S.S. Theodore Roosevelt: Captain of nuclear aircraft carrier docked in Guam pleaded with the U.S. Navy for more resources after more than 100 members of his crew tested positive.
  7. What should I do? Answers about the virus from Axios expertsWhat to know about social distancingQ&A: Minimizing your coronavirus risk.
  8. Other resources: CDC on how to avoid the virus, what to do if you get it.

Subscribe to Mike Allen's Axios AM to follow our coronavirus coverage each morning from your inbox.

Keep ReadingArrowUpdated 35 mins ago - Politics & Policy
Axios

World coronavirus updates: UN warns of recession with "no parallel" to recent past

Data: The Center for Systems Science and Engineering at Johns Hopkins, the CDC, and China's Health Ministry. Note: China numbers are for the mainland only and U.S. numbers include repatriated citizens and confirmed plus presumptive cases from the CDC

The novel coronavirus pandemic is the "greatest test" the world has faced together since the formation of the United Nations just after the Second World War ended in 1945, UN chief António Guterres said Tuesday.

The big picture: COVID-19 cases surged past 856,000 and the death toll exceeded 42,000 Tuesday, per Johns Hopkins data. Italy reported more than 12,000 deaths.

Go deeperArrowUpdated 2 hours ago - Health
Zachary Basu

White House projects 100,000 to 240,000 U.S. coronavirus deaths

President Trump said at a press briefing on Tuesday that the next two weeks in the U.S. will be "very painful" and that he wants "every American to be prepared for the days that lie ahead," before giving way to Deborah Birx to explain the models informing the White House's new guidance on the coronavirus.

Why it matters: It's a somber new tone from the president that comes after his medical advisers showed him data projecting that the virus could kill 100,000–240,000 Americans — even with strict social distancing guidelines in place.

Go deeperArrowUpdated 3 hours ago - Health