Situation Updated Brief: Heightened Espionage and Disruption Risks to Critical Global Infrastructure and Operational Technology


On 30 May, the technology company Microsoft reported an increase in cyber attacks targeting internet-exposed and vulnerable operational technology (OT) environments since late 2023. The onset of the Israel-Hamas war in October 2023 engendered a wave of hacktivist attacks against US OT environments, many of which successfully infiltrated critical national infrastructure (CNI).

Similarly, in March, the White House and Environmental Protection Agency (EPA) released an advisory warning that water and wastewater utilities in the US are being routinely targeted by adversarial state-sponsored groups. The advisory specifically mentioned threats to OT environments, and outlined how attackers have the potential to affect the safety and supply of drinking water. This highlights the highly impactful physical threats attackers pose to OT and the elevated security risks facing global CNI. OT is often responsible for key functions within CNI, making it an attractive target for state-sponsored and hacktivist cyber threat actors.

The report outlines the security threats posed by state-sponsored and hacktivist groups to OT environments within global CNI as economic competition, geopolitical tensions and interstate conflicts persist. It provides our readership with a better understanding of the OT threat landscape and how it will evolve in the long term, while also illustrating security implications for OT providers. It forms part of Sibylline's Cyber Risk Register, a ground-breaking analytical service designed to help organisations of all sizes navigate an uncertain world.

When registering for the report, please be aware that we do not accept personal email addresses. Please use a corporate email address. If you are unable to register with a corporate email address, please email

All requests are subject to approval, and please allow a few days for our team to review your request. You will receive the report via email from

SUB cyber report
We do not accept personal email addresses. If you submit a personal email address your request will not be processed. If you only have a personal email address please email
You can unsubscribe at any time by clicking the link in the footer of our emails. For information about our privacy practices, please visit our privacy page.
Scroll to Top