OT Attacks Surge 146% – Critical Infrastructure Wake-Up Call
As cyber threats rapidly expand beyond IT, unprotected operational technology is now a top target.


We are sitting at the intersection of cybersecurity and artificial intelligence in the enterprise, and there is much to know and do. Our goal is not just to keep you updated with the latest AI, cybersecurity, and other crucial tech trends and breakthroughs that may matter to you, but also to feed your curiosity.
Thanks for being part of our fantastic community!
In this edition:
Did You Know - Critical Infrastructure Cyber Threats
Article - OT Attacks Surge 146% – Critical Infrastructure Wake-Up Call
Artificial Intelligence News & Bytes
Cybersecurity News & Bytes
AI Power Prompt
Social Media Image of the Week
Did You Know - Critical Infrastructure Cyber Threats
Did you know global cyberattacks on critical infrastructure rose by 30% in 2023, impacting sectors like energy, transport, and utilities? Source: U.S. House, Homeland Security and Axios.
Did you know that state-sponsored actors such as China, Russia, and Iran are pre‑positioning within U.S. critical infrastructure networks for potential disruptive cyberattacks? Source: U.S. Homeland Threat Assessment 2025, U.S. Department of Homeland Security.
Did you know 51% of detections in 2024 were malware‑free attacks, including ransomware and credential‑based intrusions targeting critical networks? Source: CrowdStrike 2025 Global Threat Report.
Did you know Volt Typhoon, a state-sponsored hacking group, has already infiltrated U.S. critical infrastructure systems and remains embedded to launch future attacks? Source: IBM, WIRED.
Did you know Iranian-affiliated group CyberAv3ngers has attacked over 100 industrial control devices globally, including those in U.S. oil, gas, and water systems? Source: WIRED.
Did you know cyberattacks like the Colonial Pipeline ransomware incident disrupted 45% of all East Coast U.S. fuel supply, proving how pipeline-targeted hacks can cripple energy sectors? Source: Wikipedia Colonial Pipeline attack.

OT Attacks Surge 146% – Critical Infrastructure Wake-Up Call
As cyber threats rapidly expand beyond IT, unprotected operational technology is now a top target.
Earlier this year, Finnair had to cancel flights for six weeks between Helsinki and Tartu after GPS signals were spoofed by attackers. This alarming incident is not an isolated fluke but part of a rapidly growing trend of cyberattacks that leap beyond IT networks to disrupt the physical world. From factories suddenly grinding to a halt to water treatment plants being tampered with, operational technology (OT) systems are now squarely in attackers’ crosshairs. For executives, it’s a stark reminder that digital threats can have real-world consequences, and they are escalating fast.
OT-targeted cyberattacks soared in 2024, causing more physical disruptions than ever before.
According to a new industry report, the number of facilities suffering cyber-induced physical disruptions jumped by 146% in 2024, from 412 impacted sites in 2023 to 1,015 last year. This massive year-over-year spike underscores how quickly the threat landscape is expanding beyond traditional IT targets into factories, power stations, and other critical infrastructure. Yet experts caution that even these alarming figures could be underestimating the problem. New SEC rules requiring public companies to report only “material” cyber incidents have made some organizations more tight-lipped, suggesting many OT attacks may go unreported despite the growing threat.
These cyber-physical attacks are hitting core sectors of the economy. In 2024, 69% of all cyber incidents that had physical consequences struck the transportation and discrete manufacturing industries. This means airports, railways, and factory floors have become frequent battlegrounds for hackers seeking maximum disruption. Even seemingly less-obvious targets have been hit. Last year, two cyber incidents struck automated “smart” buildings in the hospitality sector, and multiple attacks aimed to disrupt water and wastewater treatment facilities. This underlines that no corner of critical infrastructure is truly off-limits.
Behind this surge is a dangerous mix of threat actors. Nation-state and hacktivist groups alike are now deliberately attacking OT systems to cause real-world disruption. Western intelligence agencies warn that Chinese cyber operations pose the most “significant and pressing” threat to critical infrastructure. Meanwhile, Russian state-backed hackers, notably the Sandworm group, have been caught infiltrating North America’s water facilities, echoing their infamous attacks on Ukraine’s power grid. And it’s not just geopolitics at play: profit-driven cybercriminal gangs are also expanding their aim to OT, betting that critical infrastructure victims will pay hefty ransoms to avoid prolonged shutdowns. In fact, some ransomware groups have started “following the money” by targeting organizations in wealthier markets with a higher likelihood of ransom payments. Attackers are even developing more specialized tools for these environments: researchers discovered three new malware strains tailored to industrial control systems in 2024 alone, compared to only six such ICS-specific malware strains in the prior 14 years. This points to an escalating sophistication in how adversaries approach OT targets.
For the operators of critical infrastructure, and the people they serve, the stakes could not be higher. Disrupted OT systems can cascade into dire, even life-threatening, outcomes. In one of the most harrowing examples, a passenger plane in Kazakhstan crashed in 2024, killing 38 people, after its navigation signals were disrupted by suspected GPS jamming. Around the same time, a 64-hour GPS interference event believed to be caused by a Russian actor disrupted 1,600 flights over Poland, Sweden and Germany. Across industries, companies have reported everything from emergency shutdowns of factory lines to outages at utilities because of malware invading OT networks. The message is chillingly clear: cybersecurity failures in OT can translate directly to physical danger and massive service disruptions in society.
All of this serves as a wake-up call for business leaders. The invisible wall between IT and OT security has all but crumbled, and defending critical operations now means treating factory floors and pipeline control rooms with the same urgency and rigor as corporate IT systems. Encouragingly, many organizations are starting to get the message – a recent survey found 95% now say their C-suite is directly responsible for OT cybersecurity, a dramatic rise from just 41% two years ago. But awareness must translate into action. C-Suite executives and security teams should prioritize shoring up OT defenses: segmenting networks, investing in specialized monitoring tools (increasingly with AI-driven anomaly detection) for industrial environments, and drilling robust incident response plans that account for physical safety. As adversaries expand their battleground to our power plants, transportation hubs and manufacturing lines, leaders must respond with equal urgency. The 146% surge in OT-focused attacks is more than just a startling statistic; it’s a clarion call to fortify the digital defenses of our physical world.
Sources: The statistics and incidents referenced above are drawn from recent cybersecurity reports and analyses, including Waterfall Security Solutions’ 2024 threat report on OT attacks and related industry findings reported by helpnetsecurity.com. Additional context on executive responses to OT risks is based on Fortinet’s 2025 State of OT and Cybersecurity survey (fortinet.com).
Artificial Intelligence News & Bytes 🧠
Cybersecurity News & Bytes 🛡️
AI Power Prompt
This prompt will help leaders at an organization better understand how to protect their Operational Technology from cyber threats.
#CONTEXT:
Adopt the role of an expert in Operational Technology (OT) cybersecurity and industrial risk management. You will design a comprehensive awareness and strategy-building prompt that equips organizational leaders—especially in manufacturing, energy, utilities, and transportation—with a deep understanding of the cyber threats facing their OT environments. Your task is to demystify OT security, bridge the IT/OT divide, and create actionable intelligence tailored to executive decision-makers and plant-level leadership.
#GOAL:
You will guide leaders in recognizing the unique vulnerabilities of OT systems, understanding common threat vectors (e.g., ransomware, supply chain attacks, protocol exploitation), and building a security-first culture that ensures safety, uptime, regulatory compliance, and cyber resilience across critical operations.
#RESPONSE GUIDELINES:
Follow these structured steps to deliver the most impactful educational and strategic guidance:
1. Define Operational Technology and explain how it differs from traditional IT. Include examples of OT systems such as SCADA, PLCs, DCS, HMIs, and industrial IoT.
2. Describe the key cyber risks to OT systems:
   - Legacy systems with outdated software and weak authentication
   - Lack of network segmentation between IT and OT
   - Vulnerabilities in proprietary protocols and vendor firmware
   - Third-party integrations and remote access points
   - Physical sabotage via digital means (safety risks)
3. Highlight high-profile real-world attacks on OT environments (e.g., Stuxnet, Colonial Pipeline, Triton) and analyze their impact on operations, safety, and reputation.
4. Map the threats to core business outcomes:
   - Production downtime
   - Safety incidents and compliance failures
   - Loss of intellectual property or process control data
   - Revenue loss and contractual penalties
   - Public trust erosion and legal exposure
5. Outline a leader-centric OT cyber protection roadmap:
   - Asset inventory and vulnerability discovery in OT environments
   - Creating secure IT/OT segmentation with firewalls and DMZs
   - Implementing anomaly detection and OT-specific monitoring tools
   - Establishing incident response playbooks tailored for OT scenarios
   - Investing in regular red-teaming and tabletop exercises
   - Developing a cyber-aware operations culture via training and policy
6. Integrate risk governance:
   - Cross-functional OT security steering committee
   - Regular reporting and alignment with board risk agendas
   - Adoption of OT security frameworks (NIST CSF, IEC 62443, MITRE ATT&CK for ICS)
   - Coordination with physical security and safety teams
7. Provide visualizations, policy checklists, and executive summary talking points to make complex concepts digestible for non-technical leaders.
8. Optional: Include sector-specific security practices and regulations for industries like energy, pharma, and critical infrastructure.
#INFORMATION ABOUT ME:
My organization: [DESCRIBE YOUR ORGANIZATION]
Our industry sector: [INDUSTRY]
Size and complexity of OT environment: [OT SCOPE AND SIZE]
Our top concern: [TOP CYBERSECURITY CONCERN OR THREAT]
#OUTPUT:
Deliver a leadership-ready strategic framework that includes:
- Definitions and threat context in plain language
- High-impact examples tailored to the industry
- Executive-level impacts and consequences
- A step-by-step protection roadmap
- A one-pager summary or visual checklist for leadership discussions
Ensure the tone is authoritative, solution-oriented, and empowers non-technical executives to lead confidently in OT cyber risk strategy.

Questions, Suggestions & Sponsorships? Please email: [email protected]
Also, you can follow me on X (formerly Twitter) @mclynd for more cybersecurity and AI.

Social Media Image of the Week