Explore an in-depth analysis of the TRISIS malware and learn effective strategies to protect Safety Instrumentation Systems (SIS) in this 54-minute conference talk by Dragos: ICS Cybersecurity. Dive into the background, timeline, and technical details of the TRISIS attack, including its impact on safety systems and potential consequences. Gain insights into the malware's logic organization, payload structure, and program compilation process. Discover mitigation techniques, defense strategies, and the ICS Cyber Kill Chain specific to TRISIS. Understand the four types of detection and learn smart questions to ask when assessing your organization's cybersecurity posture. Enhance your knowledge of industrial control system security and develop a comprehensive approach to safeguarding critical infrastructure against sophisticated cyber threats.
Analyzing and Defending Against TRISIS - Safety Instrumentation Systems Cybersecurity
Dragos: ICS Cybersecurity via YouTube
Overview
Syllabus
Intro
Background: By the numbers
Dragos Timeline
What are Safety Instrumentation Systems?
Safety Systems
Explanation: How it happened
Logic Organization - TriStation 1131
Appending to a Program
First payload is a check payload
Egg Hunt and Overwrite Memory
Appending TRISIS
Program Epilogue
Second Logic Upload - Speculation
Program Compilation
TRISIS Effects
TRISIS - Potential Effects
Explanation: What comes next
Mitigation: How to protect
Mitigation: How to defend
ICS Cyber Kill Chain
Known TRISIS ICS Kill chain
The Four Types of Detection
Types of Detection - TRISIS
Smart Questions to ask
Taught by
Dragos: ICS Cybersecurity
Related Courses
-
ICS - SCADA Network Security Monitoring in Difficult Scenarios
-
Analyzing and Understanding CRASHOVERRIDE - ICS Cybersecurity Webcast
-
Changing the Game - The Impact of TRISIS TRITON on Defending ICS-SCADA-IIoT
-
Evaluating ICS Vulnerabilities - Prioritization and Mitigation Strategies
-
5 Considerations for ICS Incident Response
-
Industrial Control Systems Cybersecurity Conference - Australia
