Ukraine Power Grid Attack: 10 Years of OT Lessons

This Q&A-style analysis from Dragos and SANS reviews a decade of OT-focused cyberattacks beginning with the 2015 Ukraine power grid incidents, detailing threat actors (KAMACITE/ELECTRUM), destructive malware families (CRASHOVERRIDE, TRISIS, PIPEDREAM), their operational TTPs, the impacts on grid resilience, and gaps in OT security and governance; it emphasizes detection, OT-specific monitoring, five critical ICS controls, and the need for policy and resource support for smaller utilities.