OT Cyberattacks: Energy Sector Faces $329 Billion in Risks

A Dragos report reveals the scale of cyber vulnerabilities in global energy infrastructures. Potential losses reach historic highs.

Share:

Gain full professional access to energynews.pro from 4.90$/month.
Designed for decision-makers, with no long-term commitment.

Over 30,000 articles published since 2021.
150 new market analyses every week to decode global energy trends.

Monthly Digital PRO PASS

Immediate Access
4.90$/month*

No commitment – cancel anytime, activation in 2 minutes.

*Special launch offer: 1st month at the indicated price, then 14.90 $/month, no long-term commitment.

Annual Digital PRO Pass

Full Annual Access
99$/year*

To access all of energynews.pro without any limits

*Introductory annual price for year one, automatically renewed at 149.00 $/year from the second year.

The global energy sector faces an unprecedented cyber threat that could generate up to $329.5 billion in losses in an extreme scenario. This estimate comes from the 2025 OT Security Financial Risk Report published by Dragos Inc., the global leader in cybersecurity for operational technology (OT) environments. The study, conducted by Marsh McLennan’s Cyber Risk Intelligence Center, represents the first statistical analysis quantifying the financial risks of OT cyber incidents. Indirect losses, often overlooked in traditional models, affect up to 70% of OT-related breaches, with $172.4 billion attributed to business interruptions alone.

Critical vulnerabilities exploited at scale

Recent incidents confirm the severity of these financial projections. The ransomware attack against Halliburton in August 2024 generated $35 million in direct losses and forced the partial shutdown of systems at this $23 billion valued company. RansomHub, the group allegedly responsible for this cyberattack, demonstrated malicious actors’ ability to paralyze global oil giants. In January 2024, the FrostyGoop malware struck a Ukrainian municipal energy company, depriving more than 600 apartment buildings of heating for two days during sub-zero temperatures. This attack illustrates how Modbus TCP industrial control systems can be compromised with immediate physical consequences for civilian populations.

American water infrastructures have become prime targets for state-sponsored groups. The Cyber Army of Russia Reborn (CARR), linked to the Russian GRU military intelligence’s Sandworm group, caused a water tank overflow in Muleshoe, Texas in January 2024. The intrusion was facilitated by a password unchanged for ten years, revealing basic negligence in critical infrastructure security. The cities of Abernathy, Hale Center, and Lockney suffered similar attacks, demonstrating a coordinated campaign against American water distribution systems.

A geopolitical escalation with major economic consequences

Analysis of 2024 data reveals a qualitative transformation in OT cyber threats. While the number of attacks increased only marginally, from 72 in 2023 to 76 in 2024, the physical impact exploded with 1,015 disrupted sites versus 412 the previous year, a 146% increase. Nation-state attacks with physical consequences tripled, driven by Chinese, Russian, and Iranian campaigns. Three new malware strains specific to industrial control systems (ICS) were discovered in 2024, equaling half the total discovered during the previous fourteen years.

The Forescout report reveals that industrial automation protocols have become preferred attack vectors. Attacks on these protocols climbed from 71% to 79% between 2023 and 2024, with Modbus dominating at 40% of incidents, followed by Ethernet/IP at 28%. Threat actors increased their presence by 93% in the energy sector, 71% in manufacturing, and 55% in healthcare. This exponential progression is accompanied by increased sophistication in attack methods and unprecedented physical disruption capability.

Quantified security controls to reduce exposure

The Dragos report identifies three priority OT cybersecurity controls with their potential for financial risk reduction. Incident response planning enables average risk reduction up to 18.5%. Defensible architecture can reduce exposure by 17.09%, while ICS network visibility and monitoring offer protection up to 16.47%. These percentages, based on tens of thousands of simulations and a decade of breach data, provide executives with concrete metrics to justify OT cybersecurity investments.

Regulatory implications intensify with the European NIS2 and CER directives coming into force in late 2024, imposing cybersecurity measures on more than 400,000 companies. In the United States, the Transportation Security Administration (TSA) issued binding directives for the pipeline sector following the 2021 Colonial Pipeline attack that disrupted 45% of the East Coast’s fuel supply. Energy companies must now quantify their cyber risks to meet Securities and Exchange Commission (SEC) reporting requirements, notably the 8-K rule on cyber incident disclosure. This regulatory evolution transforms OT cybersecurity from a technical cost center into a financially measurable strategic imperative, redefining investment priorities for the global energy sector.

Swedish renewable energy developer OX2 has appointed Matthias Taft as its new chief executive officer, succeeding Paul Stormoen, who led the company since 2011 and will now join the board of directors.
Driven by distributed solar and offshore wind, renewable energy investments rose 10% year-on-year despite falling financing for large-scale projects.
Australian Oilseeds Holdings was granted a deadline extension until 30 September to comply with the Nasdaq’s equity requirements, avoiding immediate delisting from the exchange.
Fermi America has closed $350mn in financing led by Macquarie to accelerate the development of its HyperGrid™ energy campus, focused on artificial intelligence and high-performance data applications.
Soluna Holdings launched two energy projects in Texas, reaching one gigawatt of cumulative capacity for its data centres, marking a new stage in the development of computing infrastructure powered by renewable energy.
Eneco’s Supervisory Board has appointed Martijn Hagens as the next Chief Executive Officer. He will succeed interim CEO Kees Jan Rameau, effective from 1 March 2026.
With $28 billion in planned investments, hyperscaler expansion in Japan reshapes grid planning amid rising tensions between digital growth and infrastructure capacity.
The suspension of the Revolution Wind farm triggers a sharp decline in Ørsted’s stock, now trading at around 26 USD, increasing the financial stakes for the group amid a capital increase.
Hydro-Québec reports net income of C$2.3 billion in the first half of 2025, up more than 20%, driven by a harsh winter and an effective arbitrage strategy on external markets.
French group Air Liquide strengthens its presence in Asia with the acquisition of South Korean DIG Airgas, a key player in industrial gases, in a strategic €2.85 billion deal.
The Ministry of Economy has asked EDF to reconsider the majority sale agreement of its technology subsidiary Exaion to the American group Mara, amid concerns related to technological sovereignty.
IBM and NASA unveil an open-source model trained on high-resolution solar data to improve forecasting of solar phenomena that disrupt terrestrial and space-based technological infrastructures.
The Louisiana regulatory commission authorizes Entergy to launch major energy projects tied to Meta’s upcoming data center, with anticipated impacts across the regional power grid.
Westbridge Renewable Energy will implement a share consolidation on August 22, reducing the number of outstanding shares by four to optimize its financial market strategy.
T1 Energy secures a wafer supply contract, signs 437 MW in sales, and advances G2_Austin industrial deployment while maintaining EBITDA guidance despite second-quarter losses.
Masdar has allocated the entirety of its 2023–2024 green bond issuances to solar, wind, and storage energy projects, while expanding its financial framework to include green hydrogen and batteries.
Energiekontor launches a €15 million corporate bond at 5.5% over eight years, intended to finance wind and solar projects in Germany, the United Kingdom, France, and Portugal.
The 2025 EY study on 40 groups shows capex driven by mega-deals, oil reserves at 34.7 billion bbl, gas at 182 Tcf, and pre-tax profits declining amid moderate prices.
Australian fuel distributor Ampol reports a 23% drop in net profit, impacted by weak refining margins and operational disruptions, while surpassing market forecasts.
Puerto Rico customers experienced an average of 73 hours of power outages in 2024, a figure strongly influenced by hurricanes, according to the U.S. Energy Information Administration.

Log in to read this article

You'll also have access to a selection of our best content.

or

Go unlimited with our annual offer: $99 for the 1styear year, then $ 199/year.