The US Treasury Department attributed the creation of highly destructive “Triton” malware to the Russian government

The Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued sanctions against the Kremlin after attributing the destructive Triton malware to a Russian government research institution. Russia’s Central Scientific Research Institute of Chemistry and Mechanics (CNIIHM) designed Triton, also known as TRISIS and HatMan, to target a specific industrial control system (ICS) controller that critical infrastructure facilities use to initiate immediate shutdown procedures in an emergency. Depending on how the malware is deployed, it can have lethal effects by allowing machinery to operate in an unsafe state, creating a risk of explosions. The malware was reportedly scanning at least 20 electrical utilities in the United States for vulnerabilities.

About This Incident

Threat Actors: Russia

Incident Metadata

Date: October 2020
Country: United States