US Treasury sanctions Russian research institute behind Triton malware

mood · Oct 24, 2020

US Treasury sanctions Russian research institute behind Triton malware
US imposes sanctions against Russia's Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM)
October 23, 2020
https://www.zdnet.com/article/us-tr...ian-research-institute-behind-triton-malware/

The US Treasury Department announced sanctions today against a Russian research institute for its role in developing Triton, a malware strain designed to attack industrial equipment.

Sanctions were levied today against the State Research Center of the Russian Federation FGUP Central Scientific Research Institute of Chemistry and Mechanics (also known as CNIIHM or TsNIIKhM).
A FireEye report published in October 2018 identified CNIIHM as the possible author of the Triton malware.

The Triton malware, also known as Trisis or HatMan, is a piece of malware that was designed to specifically target a certain type of industrial control system (ICS) equipment — namely, Schneider Electric Triconex Safety Instrumented System (SIS) controllers.
Click to expand...

TRITON ALMOST CAUSED AN EXPLOSION AT A SAUDI PETROCHEMICAL PLANT
The malware was first spotted after it was used successfully in 2017 during an intrusion at a Saudi petrochemical plant owned by Tasnee, a privately owned Saudi company, where it almost cause an explosion.

Since then, the malware has been deployed against other companies. Furthermore, the group behind the malware (known as TEMP.Veles or Xenotime) has also been seen "scanning and probing at least 20 electric utilities in the United States for vulnerabilities," the US Treasury said today in a press release.

"This Administration will continue to aggressively defend the critical infrastructure of the United States from anyone attempting to disrupt it."
Click to expand...

U.S. Department of the Treasury: Treasury Sanctions Russian Government Research Institution Connected to the Triton Malware

Washington – Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated, pursuant to Section 224 of the Countering America’s Adversaries Through Sanctions Act (CAATSA), a Russian government research institution that is connected to the destructive Triton malware. The Triton malware — known also as TRISIS and HatMan in open source reporting — was designed specifically to target and manipulate industrial safety systems.
Click to expand...

hawki · Feb 11, 2021

"Anne Neuberger to lead SolarWinds response

The White House has tapped Anne Neuberger, a career intelligence veteran and former senior cybersecurity official at the National Security Agency, to lead the government's response to the SolarWinds hack...

Neuberger formerly served as the director of the NSA's cybersecurity division and was tapped by the White House to be the deputy national security advisor for cyber and emerging technology at the National Security Council..."

https://fcw.com/articles/2021/02/11/neuberger-usg-hack-lead.aspx

Log in or Sign up

US Treasury sanctions Russian research institute behind Triton malware

mood Updates Team

hawki Registered Member

Log in or Sign up

US Treasury sanctions Russian research institute behind Triton malware

mood Updates Team

hawki Registered Member

Useful Searches