Electric Grid Cybersecurity: 2026 Threat Insights for OT Defenders

The Dragos 2026 OT/ICS Year in Review warns that adversaries are increasingly targeting systems that provide visibility and control over the electric grid (remote access, engineering workstations, IT systems, DER/BESS), documenting active campaigns by experienced infrastructure threat groups (including ELECTRUM and supporting/access teams) that have scanned, gained footholds, and in at least one case targeted DERs and a U.S. utility; the report emphasizes rapid exploit availability, insufficient OT visibility, and recommends OT-focused controls, defensible architecture, secure remote access, and risk-based vulnerability management.