• Home
  • Vendor News
  • We (Did!) Start the Fire: Hacktivists Increasingly Claim Targeting of OT Systems


We (Did!) Start the Fire: Hacktivists Increasingly Claim Targeting of OT Systems

23 March 2023

In January 2023, the Anonymous affiliated hacktivist group, GhostSec, claimed on social media to have deployed ransomware to encrypt a Belarusian remote terminal unit (RTU)—a type of operational technology (OT) device for remote monitoring of industrial automation devices. The actors’ stated intention was to demonstrate support for Ukraine in the ongoing Russian invasion. Researchers, OT security professionals and media outlets analyzed the claims and concluded that the actor overstated the implications of the alleged attack. 

Although there was no significant impact in this particular incident, the event highlights the increasing need for a wider discussion regarding the extent of risk hacktivists pose to OT environments. For the last several years, Mandiant has tracked various hacktivists' claims of targeting OT systems claiming physical damage as a result. Exacerbated by geopolitical tensions in different regions—such as Russia’s ongoing invasion of Ukraine—these actors have recently intensified their activity, resulting in more frequent claims and new avenues to impact targets...Read More!

Ectacom HQ Munich

ectacom GmbH
+49 8102 8952-0
Friedrich-Bergius-Str. 12
D-85662 Hohenbrunn


ectacom Salesoffice
+43 (1) 3619986 12
Am Europlatz 2
A-1120 Wien


ectacom Salesoffice
+48 501 295 580
This email address is being protected from spambots. You need JavaScript enabled to view it.