Webinar: 2026 OT Cyber Threat Report
Ransomware is down, nation-state/hacktivists are up
In 2025, 57 cyber attacks caused real-world damage in heavy industry, world-wide. This is a 25% drop from 2024, but that’s the tip of the iceberg!
Most of this reduction is because of temporary factors affecting ransomware attacks. Nation-state and hacktivist attacks doubled, with most attacks targeting critical infrastructures.
This is the only industry report focused exclusively on verified cyber incidents with physical consequences. The data set is public, all the incidents we use are included in the report’s appendix with links to public news reports.
Highlighted attacks include:
Jaguar / LandRover – the most costly production shutdown in a decade,
Colins Aerospace – a crippled software system caused flight cancellations and delays for weeks – highlighting the need for rapid recovery or manual fall-backs for critical systems operated and managed by third parties,
Grounded and mis-directed ships – again highlighted the need for multiple independent checks on important external inputs, such as GPS signals, and
Polish distributed generation – a near miss because the lights stayed on, an example of the Russian nation state targeting European critical infrastructures, and a cautionary tale about “bricking” control equipment.
Join Greg Hale of ICS Strive and Andrew Ginter of Waterfall Security, to explore what lies beneath all of 2025’s OT breaches with physical consequences.
Key Take-Aways:
Record-breaking costs of consequences What is behind the drop in ransomware attacks Key defensive developments of 2025, in light of these threats
Share
Trending posts
2026 OT Cyber Threat Report
Webinar: 2026 OT Cyber Threat Report
2026 OT Cyber Threat Report
Stay up to date
Subscribe to our blog and receive insights straight to your inbox
