Top of page
Global Site Navigation

ECU Security Research Institute

Local Section Navigation
You are here: Main Content

Triton Malware threatens Industrial Safety Systems

Monday, 05 March 2018


Triton Malware threatens Industrial Safety Systems

A Middle East Industrial Safety System was recently attacked with malicious malware designed specifically to enable the damage or destruction of industrial equipment. This malware known as Triton, or Trisis, aimed to interfere with or shut down completely Schneider Electric’s Triconex safety instrumented system (SIS) The SIS are used by human operators to monitor industrial processes in order to detect potentially dangerous conditions, triggering alerts or shutdowns to prevent accidents or deliberate acts of sabotage which could result in an explosion, damaged machines, property destruction, injury or loss of human life. Triton is one of less than a handful of known cases worldwide where malware has been specifically designed and executed to sabotage industrial control systems and the attack appeared to be a sophisticated state-sponsored style coordinated attack on the organisation plant. This presentation will give an overview of the attack timeline, highlight the capabilities of the malware and the attack flow, and explain just how the attackers compromised the SIS device.


Paresh Kerai is an Industrial Control System (ICS) Security Engineer and researcher, specializing in in cyber security in control systems and network infrastructure, and computer forensics. Currently enrolled in Doctor of Philosophy at Edith Cowan University, his research focus is on the security of Modbus protocol used in critical infrastructure systems and the security framework of industrial control systems. He is also interested in computer forensics, wireless security, IoT devices and network

Event details

Where: Edith Cowan University, Building 21, Room 202, 270 Joondalup Drive, Joondalup WA 6027
When: Tuesday 27 March 2018
Time: 3.30pm - 4.30pm presentation / 4.30pm – 5.00pm Light refreshments and networking

Register via Eventbrite on: security-research-institute_events


Skip to top of page