2024 Threat Report – OT Cyberattacks with Physical Consequences

Threat Report Webinar

In 2023 we saw 68 cyberattacks that caused physical consequences to industrial control systems (ICS) and Operational Technology (OT) in the public record, in building automation, manufacturing, heavy industry and critical industrial infrastructures. In 2023, 80% of attributable attacks in the data set were ransomware, and hacktivist impacts rose to 15%.

Analysis in the report looks at:

arrow red rightWhy are there OT consequences from attacks that target only IT targets, and what fraction of attacks in the dataset are like that?

arrow red rightWhy have ransomware attacks with OT impacts apparently slowed down, while overall attack counts continue to increase?

arrow red rightWhat important new kinds of attacks and consequences are showing up in the data?

Appendix A, at the end of the Threat Report, also includes the entire dataset used for the report – a comprehensive list of all attacks in the public record with physical consequences for these industries since 2010, including links to public reports and sources that can be used to verify the attacks and learn more about them.

The report is a joint effort of Waterfall Security and the ICSStrive incident repository:
Picture of Rees Machtemes

Rees Machtemes

Director of Industrial Security at Waterfall Security

Picture of Monique Wallhof

Monique Wallhof

Consultant at Industrial Safety & Security Source

Picture of Greg Hale

Greg Hale

Editor & Founder at Industrial Safety And Security Source

Picture of Andrew Ginter

Andrew Ginter

VP Industrial Security at Waterfall Security

Share

Fill out the form and get it by email