Explore the worlds best online cybersecurity training with OnDemand - view a Demo Today!


To attend this webcast, login to your SANS Account or create your Account.

Safety Systems Shutdown by Malware - Hype and Reality

  • Thursday, September 27th, 2018 at 3:30 PM EDT (19:30:00 UTC)
  • Dave Weinstein and Pat Barry
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.


  • Claroty Inc.

You can now attend the webcast using your mobile device!


Industrial safety systems monitor control processes in the plant and when unsafe conditions occur, theyre designed to protect personnel, equipment and the environment through an automated shutdown if required. In a watershed cyber-physical event on a chemical plant, attackers were able to remotely deploy malware designed to take control of industrial safety systems and did in fact cause a shutdown in the plant.

The malware is called HATMAN or TRITON and is the first publicly identified ICS attack framework specifically targeted at safety systems. Though built to specifically interact with Triconex Safety Instrumented System (SIS) controllers, the malware is now publicly available and researchers anticipate that with time and skill, other systems and industries will be targeted.

Join us for a balanced, vendor-neutral business discussion of how this new malware development on the ICS threat landscape played out and could play out across different industries. Industrial safety systems expert Patrick Barry and threat research experts Dave Weinstein will explore the cyber-physical implications of how this and other threats can impact industrial businesses and what they should do to prepare and defend.

Speaker Bios

Dave Weinstein

Dave Weinstein is the VP of Threat Research at Claroty. Prior to joining Claroty, Dave was the Chief Technology Officer of New Jersey. He began his career as an operations planner at U.S. Cyber Command, where he served for three years.  Dave holds a bachelor’s degree from Johns Hopkins University in Baltimore, Maryland and a master’s degree from Georgetown University's School of Foreign Service in Washington, DC. He is also non-resident Cybersecurity Policy Fellow at New America.

Pat Barry

Pat Barry is Regional Safety Manager at Rockwell Automation. Pat joined Rockwell Automation as a Technical Consultant in January of 2006 and transitioned to full time Safety Consultant in 2010. Pat has over 20 years of experience in industrial automation and 12 years of experience applying safety in a variety of industries, including entertainment, packaging, machine tool, automotive, discrete assembly, and plastic extrusion. He is a graduate of North Carolina State University (BSEE) and Tennessee Technological University (MBA). Pat also holds the credential of Functional Safety Engineer from TÜV Rheinland and serves as Rockwell’s delegate to the ANSI B11 Accredited Standards Committee.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.