OT/ICS Security
Exploring the challenges and solutions in securing operational technology and industrial control systems in an increasingly connected world.
OT/ICS Security Incident Analytics
Explore data-driven insights from historical OT/ICS security incidents to better understand attack patterns, vulnerabilities, and effective prevention measures.
OT/ICS Security Incident Details
Comprehensive information about major operational technology security incidents
Incident | Date | Attack Vector | Asset Type | Vulnerability | Prevention |
---|---|---|---|---|---|
Maroochy Shire Sewage Spill | 2000 | Radio equipment, SCADA access | SCADA system | Insider access, lack of authentication | Stronger access controls, employee monitoring |
Stuxnet | 2010 | USB, zero-day exploits | PLCs (Siemens) | Windows vulnerabilities, air-gap bypass | Air-gapped isolation, USB restrictions |
Iranian Steel Mill Attack | 2014 | Unknown (likely malware) | ICS (blast furnace) | Unknown (likely unpatched systems) | Regular patching, network segmentation |
Ukraine Power Grid Attack | Dec 2015 | Spear-phishing, BlackEnergy | SCADA system | Weak email security, unpatched systems | Email filtering, endpoint security, patching |
Industroyer/CrashOverride | Dec 2016 | Malware, ICS protocol exploits | Substation controls | Protocol weaknesses, network access | Network segmentation, protocol hardening |
Showing 1-5 of 23 incidents
Attack Vector Distribution
Common attack vectors used in OT/ICS security incidents
OT/ICS Security Incidents Timeline
Major operational technology and industrial control systems security incidents by year
2000
1 incident
- Maroochy Shire Sewage Spill
2010
1 incident
- Stuxnet
2014
1 incident
- Iranian Steel Mill Attack
2015
1 incident
- Ukraine Power Grid Attack
2016
1 incident
- Industroyer/CrashOverride
2017
3 incidents
- WannaCry Ransomware
- Triton/Trisis
- Petya/NotPetya
2019
1 incident
- LockerGoga (Norsk Hydro)
2020
2 incidents
- EKANS Ransomware
- SolarWinds Supply Chain Attack
2021
4 incidents
- Colonial Pipeline Ransomware
- JBS Ransomware
- Oldsmar Water Treatment Attack
- Molson Coors Ransomware
2022
2 incidents
- Industroyer2
- Starlink Jamming
2023
1 incident
- Cyber Av3ngers Attacks
2024
3 incidents
- FrostyGoop Malware
- CyberArmyofRussia_Reborn (CARR)
- American Water Works Breach
2025
2 incidents
- Unnamed ICS Malware Incidents
- Global OT Attacks (Nation-States)