CyberSecurityBoard
Sponsor Register Login

Hacktivist Groups Attacks on Critical ICS Systems to Steal Sensitive Data

The cybersecurity landscape has witnessed an alarming evolution in hacktivist operations, with threat actors increasingly shifting their focus from traditional DDoS attacks and website defacements to sophisticated industrial control system (ICS) infiltrations. Industrial control system attacks, data breaches, and access-based intrusions have surged to comprise 31% of all hacktivist activities in the second quarter of 2025, marking a notable increase from the 29% recorded in the previous quarter. Cyble analysts identified Z-Pentest as the most prolific hacktivist group targeting critical infrastructure, executing 38 ICS attacks in Q2 2025 alone—representing a staggering 150% increase from the 15 attacks attributed to the group in the first quarter. This tactical transformation represents a significant escalation in the hacktivist threat ecosystem, as groups now target critical infrastructure components that directly impact national security and economic stability. Dark Engine, operating under the alias “Infrastructure Destruction Squad,” has emerged as another significant threat actor, conducting 26 ICS-targeted incidents during the second quarter with a pronounced operational surge in June. The group’s recent compromise of an HMI/SCADA interface controlling a high-temperature furnace in Vietnamese industrial operations exemplifies the sophisticated nature of these attacks. The emergence of Russia-linked groups has fundamentally altered the hacktivist landscape, with organizations like Z-Pentest leading the charge in ICS-targeted operations. The group’s consistent targeting of energy infrastructure across multiple European nations reflects a coordinated campaign strategy designed to maximize psychological and operational impact. Dark Engine’s infiltration techniques focus on exploiting human-machine interface (HMI) and SCADA systems, particularly those controlling industrial processes in sectors such as metallurgy, ceramics, cement, and food processing. This upward trajectory signals a concerning shift toward infrastructure-level interference, demonstrating enhanced strategic intent and technical capabilities within the hacktivist community. The group’s ability to gain unauthorized access indicates sophisticated reconnaissance capabilities and deep understanding of industrial control protocols. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 16 Jul 2025 03:15:09 +0000


Cyber News related to Hacktivist Groups Attacks on Critical ICS Systems to Steal Sensitive Data

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
10 months ago Aws.amazon.com
Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
1 year ago Securelist.com
Hacktivist Groups Attacks on Critical ICS Systems to Steal Sensitive Data - The cybersecurity landscape has witnessed an alarming evolution in hacktivist operations, with threat actors increasingly shifting their focus from traditional DDoS attacks and website defacements to sophisticated industrial control system (ICS) ...
3 weeks ago Cybersecuritynews.com
Cyber Insights 2023: ICS and Operational Technology - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. At the same time, ICS/OT is facing an expanding attack surface caused by ...
2 years ago Securityweek.com
Threat landscape for industrial automation systems, Q1 2024 - In the first quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 0.3 pp from the previous quarter to 24.4%. Compared to the first quarter of 2023, the percentage decreased by 1.3 pp. Percentage of ICS ...
1 year ago Securelist.com
Researchers Uncover on How Hacktivist Groups Gaining Attention and Selecting Targets - Recent analysis reveals that hacktivist groups have developed sophisticated methods for maximizing their visibility and impact, often targeting high-profile entities such as social media platforms, government agencies, and critical infrastructure. ...
3 weeks ago Cybersecuritynews.com
How To Combat the Mounting 'Hacktivist' Threat - These 'hacktivists' are actively targeting businesses to further their interests - those backing Moscow have been posing a threat to Western states as well as the operations and reputation of organisations. It does not appear to be a priority concern ...
1 year ago Cyberdefensemagazine.com
7 Critical ICS Flaws Unpatched as Critical Infrastructure Attacks Rise - As cyberattacks against critical infrastructure rise, there remains a number of unpatched vulnerabilities in Industrial Control Systems (ICS) that can be exploited. In a recent report from Cybersecurity Ventures, 100 percent of ICS nodes were ...
2 years ago Csoonline.com
Check Point Research Report: Shift in Cyber Warfare Tactics - Highlights: Shift in Cyber Warfare Focus: Recent developments in cyber warfare reveal a shift in the activities of Iranian hacktivist proxies. Initially concentrated on Israel, these groups are now extending their cyber operations to include targets ...
1 year ago Blog.checkpoint.com
Hacktivist Group Claimed Attacks Across 20+ Critical Sectors Following Iran–Israel Conflict - Following Israeli airstrikes on Iranian military and nuclear facilities in June 2025, pro-Iranian and pro-Palestinian hacktivist collectives mobilized almost immediately, targeting Israeli government systems, energy infrastructure, financial ...
1 month ago Cybersecuritynews.com Abyss
Resecurity and ICS Technologies join forces to improve cybersecurity in Iraq - Resecurity and ICS Technologies IRAQ, a well-established ICT System Integration Company with HQ in Baghdad, Iraq, have joined forces to fortify cybersecurity, fraud prevention and risk intelligence measures nationwide. This strategic partnership is ...
1 year ago Helpnetsecurity.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
ICS Ransomware Danger Rages Despite Fewer Attacks - Despite takedowns of top ransomware groups, those remaining threat actors have continued to develop new tricks, while maintaining their ability to capitalize on zero-day vulnerabilities, helping them do more damage to industrial control systems with ...
1 year ago Darkreading.com LockBit BianLian Akira Ragnar Locker Black Basta
Hacktivist Turns More Sophisticated Targeting Critical Infrastructure to Deploy Ransomware - This sophisticated evolution of hacktivist capabilities signals a concerning new chapter in cyber conflict, where ideologically motivated actors now possess the technical prowess to significantly disrupt critical infrastructure and extort substantial ...
3 months ago Cybersecuritynews.com
Penetration Testing for Sensitive Data Exposure in Enterprise Networks: Everything You Need to Know! - The amount of data enterprises store is much bigger than SMBs. A lot of this data includes sensitive information of customers and clients such as bank details, social security numbers, emails, contact numbers, etc. For those new to data security, ...
1 year ago Securityboulevard.com
Two new pro-Russian hacktivist groups target Ukraine, recruit insiders | The Record from Recorded Future News - The groups, calling themselves IT Army of Russia and TwoNet, use the Telegram messaging app to coordinate operations, recruit insiders and collect information about targets in Ukraine, according to a new report by cybersecurity firm Intel 471. Other ...
1 month ago Therecord.media
6 Ransomware Trends & Evolutions For 2023 - More than any other industry, cybersecurity is constantly changing. The number of major paradigm shifts that have transformed the world of cybersecurity in the past few years has been unprecedented, especially when it comes to combating ransomware. ...
2 years ago Trendmicro.com TeamTNT
1 1
IT and OT cybersecurity: A holistic approach - In comparison, OT refers to the specialized systems that control physical processes and industrial operations. OT Technologies include industrial control systems, SCADA systems and programmable logic controllers that directly control physical ...
1 year ago Securityintelligence.com
Pro-Russian Hackers Making New Alliances to Launch High-Profile Attacks - These groups have also demonstrated capabilities in targeting operational technology environments, successfully manipulating water treatment facility control systems and forcing critical infrastructure to manual operation modes, highlighting the ...
1 month ago Cybersecuritynews.com
How Do Industrial Control Systems Work - An industrial control system (ICS) is a type of computer system that is used to monitor and control industrial processes and infrastructure. These systems are used in a variety of industries, such as oil and gas, chemical, water and wastewater, ...
2 years ago Heimdalsecurity.com
Ransomware in 2024: Anticipated impact, targets, and landscape shift - As ransomware continues to be on the rise, we can expect groups to continue to evolve their attacks and operate at a larger scale for bigger profits. Here is what we can expect the ransomware landscape to look like in 2024. In 2024, we'll see more ...
1 year ago Helpnetsecurity.com LockBit
security and privacy in Facebook groups - Having found myself roped into assisting as co-administrator a couple of Facebook groups with security/privacy issues, I thought I should, perhaps, share what little I know about defending your group against scam and spam posts and comments by ...
1 year ago Securityboulevard.com
Why every company needs a DDoS response plan - Today's DDoS attacks are not what they were even a few years ago, and we continue to see DDoS attacks that are framed as the largest in history. As a result, large organizations need adaptive, multilayered defense capabilities that can respond just ...
1 year ago Helpnetsecurity.com
Debate Roils Over Extent of Nation-State Cyber Involvement in Gaza - Cyberattack activity in the Israel-Hamas war has shown a decided lack of sophistication, and researchers warn that nation-state attackers are more involved than originally thought. That's in stark contrast to state-sponsored advanced persistent ...
1 year ago Darkreading.com
CISA Warns of Hackers Attacking ICS/SCADA Systems in Oil and Natural Gas Companies - CISA along with the FBI, EPA, and Department of Energy, issued an urgent advisory, warning that cyber actors are actively targeting industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems within the U.S. oil and ...
3 months ago Cybersecuritynews.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)