Triton/Trisus In The Oil Refinery

Multiple perspectives on the events of a cyber attack

Industrial sites around the world are nowadays controlled and monitored by centralised computer systems that are directly or indirectly connected to Internet. This makes the whole operation more convenient and efficient but at the same poses a considerable risk for the security of the site.

In 2017 an undisclosed oil refinery in Saudi Arabia shut down twice due to a targeted software attack. Unprecedented in the history, the attackers compromised safety systems that are responsible for preventing any physical damage to the people and the equipment – should a machine deviate from its regular course of operation.

The Triton/Trisus website presents the attacker’s actions that led to the shutdowns from 3 different points of view: The refinery’s network, the affected machines, and an overview of the refinery. This split view aims to subvert the belief that actions in the virtual space cannot considerably affect the physical world.

Competencies

research,
ui,ux design,
graphic design,
front end development

Screenshot of the Triton/Trisus website. White text on the left, black background, illustrated Triton/Trisus flag rendered as a grid of characters on the right

A screenshot. beige timeline divided into 3 rows, the events of the breach are depicted these rows in illustrations and in text — Each row represents a different perspective on the same events. Each cell within one of the rows is an event

A screenshot. The same timeline, some of the events have black background — The blackened cells suggest the direction in which the events affected each row

A screenshot. A beige map of the world on a black background with thousands of white points representing all the industrial control systems connected to Internet — source: https://www.shodan.io/search?query=ics

Triton/Trisus In The Oil Refinery

Competencies

Next project

Klima