SC Magazine
Triton framework used in industrial control attacks
TechTarget
"To gain access to the industrial control systems, the threat actor infected an SIS engineering workstation on what is supposed to be an isolated network," says Chris Morales, Vectra head of security analytics. "An infected laptop can be brought in by a contractor, connect to the network and spread to the controlled ICS environment."