2024 Threat Report – OT Cyberattacks with Physical Consequences
In 2023 we saw 68 cyberattacks that caused physical consequences to industrial control systems (ICS) and Operational Technology (OT) in the public record, in building automation, manufacturing, heavy industry and critical industrial infrastructures. In 2023, 80% of attributable attacks in the data set were ransomware, and hacktivist impacts rose to 15%.
Analysis in the report looks at:
- Why are there OT consequences from attacks that target only IT targets, and what fraction of attacks in the dataset are like that?
- Why have ransomware attacks with OT impacts apparently slowed down, while overall attack counts continue to increase?
- What important new kinds of attacks and consequences are showing up in the data?
Appendix A, at the end of the Threat Report, also includes the entire dataset used for the report – a comprehensive list of all attacks in the public record with physical consequences for these industries since 2010, including links to public reports and sources that can be used to verify the attacks and learn more about them.
The report is a joint effort of Waterfall Security and the ICSStrive incident repository:
Rees Machtemes
Director of Industrial Security at Waterfall Security
Monique Wallhof
Consultant at Industrial Safety & Security Source
Greg Hale
Editor & Founder at Industrial Safety And Security Source
Andrew Ginter
VP Industrial Security at Waterfall Security