Targeting Operational Technology: The Hacktivist’s Path to Public Attention and Disruption

Dragos WorldView reports an escalation in hacktivist activity against operational technology, highlighting campaigns by CyberAv3ngers, CyberArmyofRussia_Reborn, and Blackjack that exploited default credentials and VNC vulnerabilities to deface HMIs, alter PLC/HMI setpoints, and disrupt water systems—one group even claiming deployment of Fuxnet-like malware—while noting possible state links and recommending OT-specific controls such as changing default passwords, MFA, OT-native monitoring, and updated incident response plans.