US government blames the Russian research institute for supporting the recent TRITON/TRISYS/HatMan attacks. How do these attacks work? How to protect industrial sites? And what are the rules and regulations?
FireEye reports that the Triton (aka Trisys) malware targeting safety instrumented systems has been discovered at another undisclosed target in the Middle East. As a result of investigating that intrusion, FireEye reports that the threat actors behind Triton are a government-sponsored Russian agency