FireEye TRITON Attribution: Russian Government-Owned Lab Most Likely Built Custom Intrusion Tools for TRITON Attackers

Posting ID 117412
Date Added: 10/24/2018 10:30 AM EDT
Date Modified: 10/24/2018 10:30 AM EDT
E-ISAC Staff


In a previous blog post FireEye detailed the TRITON intrusion that impacted industrial control systems (ICS) at a critical infrastructure facility in the Middle East. In this blog post FireEye provides additional information linking the theat group's activity surrounding the TRITON intrusion to a Russian government-owned research institute.

Category Type:
Cyber Security
TLP - White
Shared Count (4)
  • CRISP - Cyber Risk Info Sharing Program
  • E-ISAC AOO Members
  • E-ISAC Staff
  • Watch Floor