A recently published study by Rockwell Automation, “Anatomy of 100+ Cybersecurity Incidents in Industrial Operations,” revealed OT/ICS security incidents have increased significant over the past few years and a large majority of the attacks were perpetrated by state-affiliated threat actors, among other notable findings.
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Six Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
The Cybersecurity and Infrastructure Security Agency (CISA) has released the new Hardware Bill of Materials Framework (HBOM) for Supply Chain Risk Management product from the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force.
Proofpoint has written a blog discussing the various social engineering tactics utilized in BEC attacks, through the lens of 10 different open-source attacks. Common themes between all the examples utilized include comprehensive reconnaissance and quickly gaining trust.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure Resilience
WaterISAC regularly provides awareness of recent CISA reporting. While direct relevance to your utility/organization on the details of each report may vary, activity alerts like this are practical for general awareness and greater understanding of active threats and adversary capabilities.
The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
ICS/OT/SCADA Vulnerabilities & other Critical Infrastructure Resilience
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
CISA Releases Six Industrial Control Systems Advisories
Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.
Dark Reading has written an article discussing LockBit ransomware group and a recently observed evolution of its tactics to include the use of remote monitoring and management (RMM) software to expand its presence once on a victim’s network.
Chinese state-sponsored cyber actors represent one of the most pervasive cyber threats facing the U.S. and its Western allies today. In the event of a conflict with the U.S., China would likely launch destructive attacks against critical infrastructure in the homeland, according to the Department of Defense’s (DoD’s) latest Cyber Strategy.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
