Most OT cyber threats that target critical infrastructure (power, water, manufacturing) never make the news. They don’t get disclosed. Sometimes, they aren’t even recognized. This persistent underreporting isn’t just a data gap. It’s a risk amplifier - a force multiplier that leaves CISOs blind to real threats, makes security planning reactive instead of proactive, and ultimately puts physical systems at risk. Why? Because underreporting causes: Blind spots across the industry : Without shared incident data, threat intel remains incomplete. That means attack methods get recycled while defenders stay in the dark. Missed warning signals : Trends that should trigger preventive action (like repeat targeting of certain PLCs or entry via IT) go unnoticed across sectors. Distorted risk models : If breach numbers appear low, executives and regulators assume ...

In the wake of the recent cyber-physical attack on Ukraine's electrical grid in October 2022, as detailed in the Mandiant report, the imperative for robust cybersecurity measures is more evident than ever. This blog post explores how SIGA's Level 0 monitoring, inspired by insights from Mandiant's revelations, emerges as a pivotal solution in defending critical infrastructure against such sophisticated attacks. Mandiant's Insights: Unraveling the Cyber-Physical Attack Mandiant's report sheds light on the intricacies of the cyber-physical attack that targeted Ukraine's electrical grid in October 2022. The Russia-linked threat actor, Sandworm, employed novel techniques, including Living off the Land (LotL) tactics, to disrupt the operational technology (OT) infrastructure, leading to an unplanned power outage and subsequent chaos. As the threat landscape evolves, defending ...

A new advisory based on a joint federal and private sector investigation sheds light on a substantial threat to Industrial Control Systems (ICS). According to the advisory recently published by the Department of Energy, the Cybersecurity and Infrastructure Security Agency, the NSA, the FBI, and privately owned companies, the aggressive toolkit allows hackers to disrupt or even take over Schneider’s and OMRON’s PLC’s, which are the beating hearts of our most critical infrastructure. Some even referred to the new threat as “the most extensive attack tool ever documented for industrial control systems.” The advisory mentions that the malware (also known as “Pipedream”) exploits the software Codesys, which is employed by other PLC manufacturers, in order to take control over the PLC. Hence, every ICS can potentially be targeted and compromised by this attack. The ...

A new advisory based on a joint federal and private sector investigation sheds light on a substantial threat to Industrial Control Systems (ICS). According to the advisory recently published by the Department of Energy, the Cybersecurity and Infrastructure Security Agency, the NSA, the FBI, and privately owned companies, the aggressive toolkit allows hackers to disrupt or even take over Schneider’s and OMRON’s PLC’s, which are the beating hearts of our most critical infrastructure. Some even referred to the new threat as “the most extensive attack tool ever documented for industrial control systems.” The advisory mentions that the malware ( also known as “Pipedream”) exploits the software Codesys, which is employed by other PLC manufacturers, in order to take control over the PLC. Hence, every ICS can potentially be targeted and compromised by this attack. The ...

A new advisory based on a joint federal and private sector investigation sheds light on a substantial threat to Industrial Control Systems (ICS). According to the advisory recently published by the Department of Energy, the Cybersecurity and Infrastructure Security Agency, the NSA, the FBI, and privately owned companies, the aggressive toolkit allows hackers to disrupt or even take over Schneider’s and OMRON’s PLC’s, which are the beating hearts of our most critical infrastructure. Some even referred to the new threat as “the most extensive attack tool ever documented for industrial control systems.” The advisory mentions that the malware ( also known as “Pipedream”) exploits the software Codesys, which is employed by other PLC manufacturers, in order to take control over the PLC. Hence, every ICS can potentially be targeted and compromised by this attack. The ...