Cyberattacks on the world’s critical infrastructure are on the rise. Global tensions continue to escalate, ransomware operators act with impunity, geopolitical conflict rises, cyber-espionage persists, and cyber has become an integral part of military strategies. The systems we design and defend must not only withstand a barrage of threats in today’s multipolar world but also balance the need to operate safely at scale, where human lives are at stake. Multi-year adversarial operations such as Volt Typhoon and Salt Typhoon have recently been exposed, highlighting how nation-state actors have infiltrated critical infrastructure and communications systems, often remaining undetected for years.
The Nozomi Networks Labs team delivers this semi-annual report to provide insights into how the world’s largest industrial organizations and critical infrastructure operators can protect themselves from these advanced threats. Leveraging a network of more than 50,000 global honeypots, wireless monitoring sensors, inbound telemetry, partnerships, threat intelligence and other resources, our team uncovers trends, novel attack methods and unique insights that are critical for safeguarding operational technology (OT) and cyber-physical systems.
While cybersecurity reports often focus on threats targeting wired networks (such as Ethernet, industrial Ethernet and fiber), our capabilities extend beyond wired networks to encompass a multitude of wireless transport protocols.