Summary: The 2025 OT/ICS Cybersecurity Report by Dragos highlights significant threats to operational technology (OT) organizations, tracking 23 threat groups with nine active in 2024, including new groups Bauxite and Graphite. Notably, Bauxite has targeted multiple sectors with custom malware, while ransomware attacks on industrial organizations surged by 87% compared to the previous year. The report reveals new malware threats and emphasizes the ongoing vulnerability of industrial control systems to cyberattacks.
Affected: OT organizations globally
Keypoints :
- Dragos monitored 23 threat groups targeting OT organizations, with nine active in 2024.
- Two new threat groups were identified: Bauxite, linked to Iran, and Graphite, associated with Russia.
- Ransomware attacks on industrial organizations increased by 87%, with 80 groups observed in 2024.
- New ICS malware, Fuxnet and FrostyGoop, were discovered, with potential for significant impact on infrastructure.
- Four active threat groups demonstrated ICS Cyber Kill Chain Stage 2 capabilities, indicating advanced attack potential.
Source: https://www.securityweek.com/nine-threat-groups-active-in-ot-operations-in-2024-dragos/