In 2023, a surge in global tension resulted in an increase in cyber threat activity and disruptions in critical infrastructure worldwide. Escalating conflicts, including those between Ukraine and Russia, Israel and Hamas, and countries in the South China Sea, emboldened adversaries and hacktivists to develop new capabilities and reuse old techniques. Simultaneously, ransomware attacks affected more industrial organizations, with a nearly 50 percent increase in reported incidents. Asset owners must take necessary precautions to address these threats or fall victim to them.
Among the threats that organizations must consider are the capabilities developed in conflict areas. A year after Russia’s invasion of Ukraine, cyber threat activity in the region continues to escalate. Dragos and the community became aware of new destructive malware capabilities as ELECTRUM conducted targeted cyber operations against Ukrainian critical infrastructure. The combination of traditional kinetic warfare and cyber-focused capabilities has created a new testbed for increased threat capabilities worldwide.