Register
Promote YOUR BRAND

Dragos

AI-Assisted Compromise of Mexican Water Utility with OT Implications

By

Dragos is reporting an early real-world observation of an adversary using commercial AI tools to identify and prioritize operational technology (OT) infrastructure during an IT intrusion. In late February 2026, researchers at Gambit Security recovered a vast collection of materials related to a large-scale compromise of multiple Mexican government organizations that occurred between December 2025 and February 2026. […]

AI-Assisted Compromise of Mexican Water Utility with OT Implications Read More »

2025 OT Security Financial Risk Report

By

This study is a groundbreaking investigation into the financial impact of cyber incidents involving operational technology (OT) assets and provides important estimation of potential future OT cyber breach losses, as analyzed by insurance statisticians. More critically, the study applies statistical modeling to identify and quantify the most influential OT cyber risk controls and their potential

2025 OT Security Financial Risk Report Read More »

OT/IT Cybersecurity Report

By

Throughout the year, Dragos identifies threats to operational technology (OT) and industrial control systems (ICS) infrastructure, conducts services to help defenders mature their program, and prioritizes mitigations for resilient operations. Enhanced by Dragos telemetry, we approach our eighth annual Year in Review report with field-tested guidance. It serves to provide several detailed examples of key

OT/IT Cybersecurity Report Read More »

Impact of FrostyGoop ICS Malware on Connected OT Systems

By

FrostyGoop is the ninth industrial control systems (ICS) specific malware. It is the first ICS-specific malware that uses Modbus TCP communications to achieve an impact on Operational Technology (OT). PIPEDREAM, an ICS malware discovered in 2022, uses Modbus communications in one of its components for enumeration. Dragos discovered FrostyGoop in April 2024. It can interact

Impact of FrostyGoop ICS Malware on Connected OT Systems Read More »

Australian 2023 OT Cybersecurity Year in Review

By

Are you prepared to defend your operational technology (OT) against the next wave of cyber threats? Several forces drove a surge of activity from adversaries targeting operational technology (OT) infrastructure in 2023, marking a pivotal shift in the OT cyber threat landscape for Australian organisations and around the globe. Motivated by mounting geopolitical tensions, sophisticated

Australian 2023 OT Cybersecurity Year in Review Read More »

OT Cybersecurity: The 2023 Year in Review

By

In 2023, a surge in global tension resulted in an increase in cyber threat activity and disruptions in critical infrastructure worldwide. Escalating conflicts, including those between Ukraine and Russia, Israel and Hamas, and countries in the South China Sea, emboldened adversaries and hacktivists to develop new capabilities and reuse old techniques. Simultaneously, ransomware attacks affected

OT Cybersecurity: The 2023 Year in Review Read More »

ICS/OT Cybersecurity Year in Review 2022

By

2022 Key Findings Overview 2022 saw a breakthrough escalation in capabilities by a new modular industrial control systems (ICS) malware, PIPEDREAM, developed by the threat group, CHERNOVITE. CHERNOVITE’S PIPEDREAM toolkit has the capabilities to impact tens of thousands industrial devices that control critical infrastructure – devices that manage the electrical grid, oil and gas pipelines,

ICS/OT Cybersecurity Year in Review 2022 Read More »