This post is also available in: heעברית (Hebrew)

Cyber attacks against industrial players, providers of critical infrastructure and facilities, and energy corporations – whether oil, natural gas, or renewable energy – are frequently not motivated by a desire to make quick cash. One of their primary goals is to steal information or disrupt systems so as to cause a real disruption. The cyber attack on Colonial Pipeline, the largest US fuel provider, which occured this year is only one example of the supply chain damage that digital attacks may cause. However, further investigation finds that only two known hackers are responsible for more than half of all attacks.

Cyberattacks directed at the industrial sector and led by Advanced Persistent Threat (APT) groups are often political in nature. While tensions between Russia and Ukraine are at an all-time high, and Russia is being accused of continued cyberattacks, the Kremlin continues to deny any role in the operations. Russia has already been blamed for a cyber attack on Ukraine in 2015, during which the country’s electrical grid was shut down.

This year’s Dragos report on threats to industrial control systems (ICS) and operational technology (OT) uncovered three new groups of industrial hacker groups. According to, the three new hacker groups are Kostovite (active since 2021), Petrovite (active since 2019) and Erythrite (active since at least 2020). Kosovite Group has targeted institutions in North America and Australia; Petrovite Group has focused on mining and energy businesses in Kazakhstan; and Erythrite has targeted various organizations in the US and Canada, including oil and gas organizations, infrastructure, and power companies.

Prepared to dive into the world of futuristic technology? Attend INNOTECH 2023, the international convention and exhibition for cyber, HLS and innovation at Expo, Tel Aviv, on March 29th-30th

Interested in sponsoring / a display booth at the 2023 INNOTECH exhibition? Click here for details!