- Also known as Triton and Xenotime
This threat actor targets the Triconex safety instrumented system (SIS) controllers produced by Schneider Electric, as well as a proprietary network communications protocol. SIS controllers maintain safe conditions in an industrial system should other failures occur. In 2017, the U.S. Department of Homeland Security released a malware analysis report on the tools used by this threat actor.
- Saudi Arabia
Suspected state sponsor
Type of incident
- Private sector