Automation Is Expanding Cyber Risk in Oil and Gas

Automation is now a core part of oil and gas operations. Companies are expanding the use of remote operations, real-time optimization, and AI-based decision systems to improve efficiency and reduce operational costs. But these same technologies, by design, introduce more IT dependencies: more remote access points, more software layers, and more connected systems. Each of these creates a new potential vector for attackers to influence physical operations. As control of pumps, compressors, and electrical systems shifts to centralized software environments, the risk shifts with it, from isolated faults to coordinated disruptions that begin in IT and play out in the physical world. This trend is only accelerating. According to Deloitte’s 2025 Smart Manufacturing Survey [i], 86 percent of energy and industrial companies are increasing their investments in automation and ...

Why So Many OT Cyber Attacks Go Unreported. And Why That’s a Problem for Critical Infrastructure.

Most OT cyber threats that target critical infrastructure (power, water, manufacturing) never make the news. They don’t get disclosed. Sometimes, they aren’t even recognized. This persistent underreporting isn’t just a data gap. It’s a risk amplifier - a force multiplier that leaves CISOs blind to real threats, makes security planning reactive instead of proactive, and ultimately puts physical systems at risk. Why? Because underreporting causes:

Blind spots across the industry: Without shared incident data, threat intel remains incomplete. That means attack methods get recycled while defenders stay in the dark.
Missed warning signals: Trends that should trigger preventive action (like repeat targeting of certain PLCs or entry via IT) go unnoticed across sectors.
Distorted risk models: If breach numbers appear low, executives and regulators assume ...

Safeguarding Against Cyber-Physical Threats

In the wake of the recent cyber-physical attack on Ukraine's electrical grid in October 2022, as detailed in the Mandiant report, the imperative for robust cybersecurity measures is more evident than ever. This blog post explores how SIGA's Level 0 monitoring, inspired by insights from Mandiant's revelations, emerges as a pivotal solution in defending critical infrastructure against such sophisticated attacks.

Mandiant's Insights: Unraveling the Cyber-Physical Attack

Mandiant's report sheds light on the intricacies of the cyber-physical attack that targeted Ukraine's electrical grid in October 2022. The Russia-linked threat actor, Sandworm, employed novel techniques, including Living off the Land (LotL) tactics, to disrupt the operational technology (OT) infrastructure, leading to an unplanned power outage and subsequent chaos. As the threat landscape evolves, defending ...

Shields Up for OT Cyber Attacks

In light of Russia’s ongoing war on Ukraine over the past two months and the recent collaborative “Pipedream Malware” advisory, the Biden administration has publicly announced the ever-growing likelihood of severe Russian cyberattacks against the US’s critical infrastructure. https://www.whitehouse.gov/briefing-room/statements-releases/2022/03/21/statement-by-president-biden-on-our-nations-cybersecurity/ Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency (CISA), urges companies to quickly scale up to protect themselves from such potential attacks, as she further explains: “that’s why we’ve been telling everybody consistently, shields up. What does that mean? It means assume there will be disruptive cyber activity and make sure you are prepared for it.” The repercussions of such Russian attacks can be disastrous, as ...

Threat of Notorious Pipedream Malware

A new advisory based on a joint federal and private sector investigation sheds light on a substantial threat to Industrial Control Systems (ICS). According to the advisory recently published by the Department of Energy, the Cybersecurity and Infrastructure Security Agency, the NSA, the FBI, and privately owned companies, the aggressive toolkit allows hackers to disrupt or even take over Schneider’s and OMRON’s PLCs, which are the beating hearts of our most critical infrastructure. Some even referred to the new threat as “the most extensive attack tool ever documented for industrial control systems.” The advisory mentions that the malware (also known as “Pipedream”) exploits the Codesys software, which is also employed by other PLC manufacturers, in order to take control of the PLC. Hence, every ICS can potentially be targeted and compromised by this attack. The ...

Rockwell PLC Vulnerabilities and Process Level Monitoring


“THE NEXT EVOLUTION OF OT CYBER SECURITY”


New Regulations for Level Zero Monitoring

Highlights the significance of Cybersecurity Monitoring at ICS Level 0.
Regulation compliance targeted at 1,600 Israeli entities handling hazardous materials

In any given state or country, there are thousands of manufacturing plants and facilities which hold and use hazardous materials as part of their production processes. Failures in the production, storage or transportation systems of these plants may result in severe damage to public health and the environment. In most cases, these systems are operated, automated and controlled by computerized systems, or ICS (Industrial Control Systems), so a cyber event can potentially cause a failure or disruption in the computerized system and lead to a catastrophic hazardous materials event.

Examples of hazardous events that may occur due to a cyber incident:
Emissions of gases that endanger the public
Explosions of ...