LIVE
UTC --:--:--
OT SECURITY HUB
by zuckergates
Learn · Academy, labs & literasi OT
Roadmap Belajar
Roadmap role-based
LMS Academy
Materi · pre-test · post-test
Labs
50+ hands-on labs · CTF · cyber range
Articles
Deep dive teknis & how-to
News
Update OT/ICS harian
Glossary
≈190 istilah OT, ICS & SCADA
Resources
Buku, kursus, podcast, lab
Knowledge · Anatomi sistem industrial
Protocols
Modbus, DNP3, IEC-104, OPC UA
Architectures
Purdue, IEC 62443 zones
Assets
PLC, RTU, HMI, SIS, Historian
Sectors
Energy, water, manufacturing
Knowledge Graph
Relasi lintas modul (interaktif)
Threat Intel · OT/ICS threat operations center
Incidents & Timeline
Database insiden + linimasa (5 view modes)
Threats
Actors & ICS Malware · Sandworm, Pipedream, Triton
Vulnerabilities
CVE Watch · eksploitasi aktif & CVSS ≥ 8.0
Advisories
ICS-CERT, vendor PSIRT, CERT nasional
Governance · Framework, kontrol, assessment
Frameworks
IEC 62443, NIST CSF 2.0, NIS2
Controls
Kontrol teknis & prosedural
Assessments
Maturity & gap assessment
Ecosystem · Vendor, tools, intel mingguan
Vendors
Siemens, Schneider, Rockwell, ABB, Honeywell
Tools
Tool open-source & komersial (≈70+)
Brief
Executive brief mingguan
// MODULE · INCIDENTS & TIMELINE

Database insiden + linimasa OT/ICS

160 insiden besar dari Maroochy (2000) & Stuxnet (2010) hingga gelombang CyberAv3ngers / Foxconn / West Pharmaceutical 2026 — gabungan Incident Tracker & Timeline dalam satu modul, dengan tautan resmi (CISA, Dragos, Mandiant, ENISA, vendor PSIRT, media tepercaya).

Tampil
133
Critical
27
Berreferensi
108
Aktor unik
34
Sektor
18
Distribusi insiden per tahun (klik bar untuk fokus tahun)160 total
2026 · USA · Water
medium

Minot ND Water Treatment (Ransomware)

Ransomware menyerang server plant pengolahan air Minot — manual fallback mencegah dampak fisik.

Ransomware (server plant)
City of Minot statementIndustrial Cyber report
2026 · USA · Multi
critical

CyberAv3ngers PLC Wave (AA26-097A)

Joint advisory CISA/FBI/NSA/EPA/DOE/CyberCom: aktor Iran (IRGC-CEC) eksploitasi PLC eksposur internet di infrastruktur kritis AS.

PLC internet-facing (Unitronics, Siemens, Schneider)CyberAv3ngers
CISA AA26-097AClaroty advisoryCSO Online
2026 · USA · Manufacturing
high

Foxconn Wisconsin (Nitrogen)

Ransomware Nitrogen menarget Foxconn Wisconsin dan mengklaim mencuri data desain pelanggan tier-1.

Nitrogen ransomwareNitrogenNitrogen
Foxconn statementDaily Security ReviewIndustrial Cyber
2026 · USA · Healthcare
high

West Pharmaceutical Services Ransomware

Insiden ransomware ke pemasok kemasan farmasi kritis terdisclose via SEC 8-K Mei 2026.

Ransomware (Unit 42 engaged)
West Pharma SEC 8-KIndustrial Cyber report
2025 · Taiwan · Transportation
medium

Taiwan HSR Emergency Brake (RF)

Kit radio rakitan mahasiswa memicu sistem rem darurat kereta cepat — contoh risiko RF/keamanan sinyal pada OT transportasi.

Interferensi radio (walkie-talkie kit)
2025 · UK · Retail
high

Marks & Spencer (Scattered Spider / DragonForce)

Ransomware besar mengganggu retailer ikonik UK setelah social engineering ke vendor IT.

Vishing → IT outsourcer → DragonForceDragonForceScattered Spider
M&S RNS statementBBC reportNCSC guidance
2025 · UK · Retail
high

Co-op UK (Scattered Spider)

Aktor sama M&S menyasar koperasi ritel terbesar UK pada bulan yang sama.

Social engineering helpdeskScattered Spider
Co-op cyber updateBBC report
2025 · Iran · Financial
high

Bank Sepah Iran (Predatory Sparrow)

Operasi hacktivist di tengah konflik Israel–Iran menyerang bank mitra militer Iran.

Wiper destruktifPredatory Sparrow
Reuters Bank SepahBleepingComputer
2025 · Iran · Financial
high

Nobitex Exchange Iran (Predatory Sparrow)

Predatory Sparrow menarget exchange kripto terbesar Iran dan mempublikasikan kodenya.

Pembakaran kripto + leak sourcePredatory Sparrow
Elliptic analysisBleepingComputer
2025 · UK · Manufacturing
critical

Jaguar Land Rover Shutdown

Salah satu insiden cyber paling mahal di industri otomotif Inggris; produksi baru pulih bertahap Oktober.

Ransomware (Agustus 2025)
JLR statementBBC coverageNCSC sector alert
2025 · Japan · Manufacturing
high

Asahi Group Holdings Ransomware

Ransomware melumpuhkan sistem pemesanan & distribusi produsen minuman terbesar Jepang.

Ransomware (Qilin diduga)Qilin
Asahi Group official updateBloomberg report
2025 · Europe · Transportation
high

Collins Aerospace MUSE (Airport Check-in)

ENISA konfirmasi ransomware ke MUSE (RTX/Collins) mengganggu operasi multi-bandara Eropa.

Ransomware HardBit (third-party)HardBit
ENISA statementSecurityWeekIndustrial Cyber
2025 · Global · Financial
critical

Bybit Cold Wallet Heist (Lazarus)

Lazarus memanipulasi front-end Safe{Wallet} sehingga operator menandatangani transaksi malicious dari cold wallet Bybit.

Safe{Wallet} UI compromise → blind signingLazarus Group (DPRK)
Bybit official updateElliptic analysisFBI public service announcement
2025 · USA/CA · Education
high

PowerSchool K-12 Data Breach

Penyedia SIS K-12 terbesar AS mengalami pencurian data masif melalui akun support tanpa MFA.

Compromised support credential → PowerSource
PowerSchool incident pageCrowdStrike investigation
2025 · India · Manufacturing
high

Tata Technologies (Hunters Intl)

Penyedia engineering & PLM untuk otomotif/aerospace India terkena ransomware Februari 2025.

Hunters International ransomwareHunters International
Tata Technologies BSE filingThe Record
2025 · USA · Manufacturing
high

United Natural Foods (Whole Foods supplier)

Insiden cyber memaksa distributor grosir alami Amerika beralih ke proses manual; Whole Foods kosong stok regional.

Cyberattack on order management
UNFI 8-KReuters
2025 · USA · Financial
high

Allianz Life (Scattered Spider)

Bagian dari kampanye Scattered Spider menyasar tenant Salesforce perusahaan asuransi besar AS.

Vishing → SalesforceScattered Spider
Allianz Life noticeBleeping Computer
2025 · USA · Financial
high

Aflac Insurance Intrusion

Aflac mengkonfirmasi intrusi yang konsisten dengan kampanye Scattered Spider terhadap sektor asuransi AS.

Social engineering (Scattered Spider style)Scattered Spider (diduga)
Aflac press releaseReuters
2025 · UK · Retail
medium

Harrods (Scattered Spider gelombang UK)

Toko mewah ikonik London terkena upaya akses tidak sah pada gelombang retail UK pasca-M&S/Co-op.

Social engineering (diduga)Scattered Spider (diduga)
Harrods statementBBC News
2025 · UK · Retail
high

Marks & Spencer UK Ransomware

Vishing helpdesk membuka pintu DragonForce di peritel besar UK.

DragonForce / Scattered SpiderDragonForceScattered Spider
M&S statementBBC coverage
2024 · Ukraine · Utilities
high

FrostyGoop Lviv Heating

Malware Modbus pertama yang dideteksi menargetkan district heating.

Modbus TCPFrostyGoop
Dragos FROSTYGOOP reportCyberScoop coverage
2024 · Singapore · Transportation
medium

Singapore Critical Infra Recon 2024

Aktivitas pre-positioning aktor China terdeteksi dini.

Volt Typhoon reconVolt Typhoon
CISA Volt Typhoon AA24-038A
2024 · Russia · Utilities
high

Moscollector FuxNet

Wiper firmware sensor utility skala besar oleh hacktivist Ukraine.

FuxNet sensor wiperFuxNetBlackJack
Forbes FuxNet coverage
2024 · Slovenia · Energy
high

Slovenia HSE Ransomware

Ransomware menyerang utility energi besar; IT lumpuh, OT selamat.

Rhysida ransomwareRhysida
Reuters HSE coverage
2024 · USA · Retail
high

CDK Global Auto Dealer Outage

SaaS dealer otomotif lumpuh menyebabkan disrupsi industri.

Ransomware (BlackSuit)BlackSuit
2024 · USA · Oil & Gas
high

Halliburton Cyberattack

Insiden cyber pada salah satu oilfield service terbesar dunia.

Ransomware (RansomHub)RansomHub
Halliburton 8-K
2024 · UK · Healthcare
critical

Synnovis NHS Pathology

Lab patologi NHS lumpuh karena ransomware Rusia.

Qilin ransomwareQilin
NHS England statement
2024 · Poland · Transportation
high

Newag Train DRM Sabotage

Kontroversi backdoor vendor pada kereta listrik Newag.

Vendor firmware backdoor
2024 · France · Healthcare
high

Hôpital Simone Veil

Ransomware lain pada rumah sakit publik Prancis.

Ransomware (LockBit affiliate)LockBit
2024 · USA · Water
medium

American Water Works

Insiden cyber pada utility air terbesar AS; OT diklaim aman.

Cyber incident
2024 · USA · Healthcare
critical

Change Healthcare

Insiden ransomware termahal di sektor kesehatan AS.

BlackCat/ALPHV ransomwareBlackCatBlackCat
2024 · Germany · Manufacturing
high

Hyundai Motor Europe

Ransomware pada divisi Eropa Hyundai Motor.

Black Basta ransomwareBlack Basta
2024 · Indonesia · Government
critical

PDNS Surabaya (Brain Cipher)

Ransomware melumpuhkan Pusat Data Nasional Sementara Indonesia; backup tidak memadai memperparah dampak.

Ransomware (Brain Cipher)Brain CipherBrain Cipher
2024 · France · Manufacturing
medium

Schneider Electric (Cactus)

Ransomware menargetkan divisi Sustainability Business; OT/produk tidak terdampak langsung.

Cactus ransomware → Sustainability BUCactus
Schneider Electric statementBleepingComputer
2024 · Indonesia · Oil & Gas
medium

Pertamina International Shipping (LockBit)

LockBit mengklaim mencuri data armada & kontrak anak usaha Pertamina di sektor shipping.

LockBit 3.0LockBitLockBit
Reuters Pertamina PIS
2024 · USA · Healthcare
critical

Ascension Health (Black Basta)

Salah satu insiden cyber kesehatan terbesar AS — paper charts kembali dipakai ribuan klinisi.

Phishing → Black BastaBlack BastaBlack Basta
Ascension cyber updateCISA AA24-131A Black Basta
2024 · Global · Multi
critical

CrowdStrike Falcon — Dampak Sektoral

Bukan serangan: rilis sensor cacat memicu outage IT global terbesar dalam sejarah; dampak lintas sektor.

Faulty channel file update (Falcon sensor)
CrowdStrike RCAMicrosoft incident summary
2024 · UK · Transportation
high

Transport for London

Remaja 17 tahun ditangkap NCA; layanan transit fisik tetap jalan, layanan digital lumpuh.

Intrusion → reset 30.000 staf
TfL cyber updateNCA arrest
2024 · USA · Manufacturing
high

Stoli Group USA — Chapter 11 paska Ransomware

Bagaimana ransomware Agustus berujung pada kebangkrutan formal Stoli US pada November.

Ransomware (Agustus 2024)
Reuters Stoli Chapter 11
2024 · USA · Manufacturing
medium

Krispy Kreme (Play)

Ransomware mengganggu kanal digital produsen makanan ritel besar AS (disclose via SEC 8-K).

Play ransomwarePlayPlay
Krispy Kreme 8-KBleepingComputer Play claim
2024 · Germany · Manufacturing
medium

Volkswagen Cariad EV Data Leak

Misconfigurasi cloud pada anak usaha software VW mengekspos telemetri kendaraan listrik.

AWS bucket terbuka (Cariad)
CCC / Spiegel reportBleepingComputer
2024 · Global · Multi
critical

Ivanti Connect Secure (UTA0178)

Rantai eksploitasi VPN edge appliance memicu emergency directive nasional AS.

Zero-day CVE-2023-46805 + 2024-21887UTA0178 (China-nexus)
CISA ED 24-01Volexity disclosure
2024 · Global · Multi
critical

Snowflake Credential Attacks (UNC5537)

Kampanye besar penyalahgunaan kredensial Snowflake tanpa MFA — memicu wajib MFA platform.

Stolen credentials infostealer → Snowflake tenantsUNC5537
Mandiant UNC5537 reportSnowflake official update
2024 · USA · Telecom
critical

Salt Typhoon US Telecom

Spionase China terhadap backbone telekomunikasi AS; CISA/FBI rilis hardening guide telco.

Router/edge exploitationSalt Typhoon (China)
CISA Salt Typhoon advisoryWSJ report
2024 · Indonesia · Healthcare
high

BPJS Kesehatan Data Leak (lanjutan)

Klaim kebocoran ulang data BPJS Kesehatan menyoroti tata kelola PII layanan kesehatan publik nasional.

API/data exposure (klaim aktor)
BSSN siaran persKompas laporan
2024 · Indonesia · Transportation
medium

PT KAI (Stormous diklaim)

Kelompok Stormous mengklaim mengakses sistem PT KAI; perusahaan menegaskan layanan operasional aman.

Klaim ransomware/data exfilStormous (klaim)
KAI klarifikasiCNN Indonesia
2024 · Global · Multi
high

Cleo MFT Mass Exploitation (Cl0p)

Cl0p kembali mengeksploitasi platform managed file transfer setelah MOVEit; gelombang Desember 2024.

Zero-day Cleo Harmony/VLTrader CVE-2024-50623/55956Cl0pCl0p
Cleo security advisoryHuntress analysisCISA KEV CVE-2024-50623
2024 · Poland · Water
medium

Polish Water Utility (CyberAv3ngers)

Ekspansi kampanye CyberAv3ngers Unitronics dari AS ke Eropa; menarget PLC water utility kecil.

Unitronics PLC default passwordCyberAv3ngers
CERT Polska reportIndustrial Cyber
2024 · USA · Healthcare
critical

Change Healthcare

Ransomware payment clearinghouse melumpuhkan ekosistem kesehatan US.

Citrix tanpa MFA → ALPHVBlackCatALPHV
UnitedHealth 8-KCISA #StopRansomware ALPHV
2024 · Global · Multi
high

Snowflake Tenant Breach

Kredensial pengguna SaaS hasil infostealer dipakai akses ratusan tenant Snowflake.

Stealer creds → SaaS tanpa MFAScattered Spider
Mandiant UNC5537Snowflake advisory
2024 · DE · Manufacturing
high

Hyundai Motor Europe

Ransomware menyerang HQ Eropa Hyundai dengan eksfil masif.

BlackBasta ransomwareBlack Basta
BleepingComputer
2024 · USA · Telecom
critical

US Telecom Salt Typhoon

Spionase China terhadap carrier US dengan akses lawful intercept.

Edge router exploitSalt Typhoon
CISA Salt Typhoon guidanceWSJ initial report
2024 · USA · Telecom
high

Frontier Communications

Ransomware terhadap operator telekomunikasi regional US.

RansomHubRansomHubRansomHub
Frontier 8-K SEC
2024 · USA · Oil & Gas
high

Halliburton RansomHub Detail

Insiden ransomware besar pada salah satu oilfield service global.

RansomHub ransomwareRansomHubRansomHub
Halliburton 8-K
2024 · USA · Healthcare
critical

Ascension Health BlackBasta

Salah satu jaringan rumah sakit terbesar US lumpuh oleh Black Basta.

Black Basta ransomwareBlack Basta
Ascension statementHHS HC3 brief
2024 · USA · Healthcare
high

Cencora Data Breach

Distributor farmasi besar US mengungkap eksfil data pasien luas.

Network intrusion → data exfil
Cencora 8-K
2024 · UK · Healthcare
critical

Synnovis NHS Qilin

Lab patologi NHS lumpuh; ribuan operasi tertunda berbulan.

Qilin ransomwareQilinQilin
NHS England statement
2024 · Global · Multi
critical

CrowdStrike Falcon Global Outage

Update sensor EDR salah memicu BSOD massal di seluruh dunia.

Faulty channel file update
CrowdStrike RCAMicrosoft blog
2024 · Global · Multi
critical

Ivanti Connect Secure Mass Exploit

Rangkaian zero-day Ivanti dieksploitasi aktor China sepanjang Q1 2024.

Ivanti CS 0-day (UTA0178)UNC5221
CISA ED 24-01Mandiant UNC5221
2024 · Japan · Multi
high

Fujitsu Internal Breach

Fujitsu mengungkap intrusi internal dengan malware kustom.

Custom malware
Fujitsu statement
2024 · Germany · Manufacturing
medium

ThyssenKrupp Auto Body Breach

Salah satu anak perusahaan ThyssenKrupp terkena intrusi cyber.

Network intrusion
Handelsblatt coverage
2024 · Germany · Manufacturing
high

Varta Battery Cyberattack

Produsen baterai Jerman shutdown total karena insiden cyber.

Unspecified cyberattack
Varta press release
2024 · Germany · Manufacturing
high

Semikron Danfoss Outage

Produsen modul daya terkena ransomware; data eksfil dipublikasi.

Ransomware
Semikron statement
2024 · USA · Oil & Gas
high

Halliburton RansomHub

Salah satu oilfield service global terkena ransomware besar.

RansomHub ransomwareRansomHubRansomHub
Halliburton 8-K
2024 · USA · Manufacturing
high

Stoli Group Bankruptcy

Ransomware Agustus 2024 memicu kebangkrutan US Stoli pada akhir 2024.

Ransomware → ERP collapse
Reuters Stoli
2024 · Austria · Manufacturing
medium

Semperit Cyberattack

Produsen karet teknis besar Austria terkena ransomware.

Ransomware
2024 · USA · Manufacturing
high

Key Tronic Black Basta

Produsen PCBA US dilumpuhkan Black Basta dengan eksfil 530GB.

Black Basta ransomwareBlack Basta
Key Tronic 8-K
2023 · USA · Manufacturing
high

Clorox Cyberattack

Insiden cyber memaksa produksi manual dan kelangkaan produk.

Ransomware
Clorox 8-K SEC
2023 · USA/IL · Water
high

CyberAv3ngers Unitronics Water

PLC default-password dieksploitasi aktor Iran-linked.

Default password PLC UnitronicsIOControlCyberAv3ngers
CISA AA23-335AWaterISAC alert
2023 · USA · Manufacturing
high

Dole Food Ransomware

Produsen makanan global terkena ransomware menggangu rantai pasok.

Ransomware
2023 · USA · Manufacturing
high

MKS Instruments Ransomware

Insiden supplier semikonduktor merembet ke pelanggan besar.

Ransomware
2023 · USA · Healthcare
high

Prospect Medical Holdings

Ransomware melumpuhkan jaringan rumah sakit besar AS.

Rhysida ransomwareRhysida
2023 · Iran · Oil & Gas
high

Iran Gas Stations Disruption

Hacktivist melumpuhkan sistem pembayaran SPBU nasional.

Hacktivist sabotagePredatory Sparrow
2023 · Israel · Healthcare
high

Mayanei HaYeshua Hospital

Serangan ransomware di rumah sakit besar Israel.

Ransomware (Ragnar Locker)Ragnar Locker
2023 · Colombia · Utilities
high

EMCALI Colombia Utility

Ransomware pada utility multi-service (listrik, air, telekom) Colombia.

Ransomware
2023 · Italy · Manufacturing
medium

Ferrari Data Breach

Pencurian data pelanggan dari produsen otomotif mewah.

Account compromise
2023 · Japan · Transportation
high

Port of Nagoya Ransomware

Ransomware menghentikan operasi terminal Toyota dan ekspor mobil.

LockBit ransomwareLockBitLockBit
2023 · UK · Transportation
high

Royal Mail LockBit

Ransomware melumpuhkan operator pos nasional UK.

LockBit ransomwareLockBitLockBit
Royal Mail update
2023 · USA · Manufacturing
high

Johnson Controls Dark Angels

Ransomware besar terhadap raksasa building automation.

Dark Angels ransomwareDark Angels
Johnson Controls 8-K
2023 · USA · Hospitality
high

MGM Resorts (Scattered Spider)

Social engineering ke help-desk membuka jalan ransomware ke seluruh infrastruktur kasino.

Vishing → IT helpdesk → OktaScattered Spider
MGM 8-K filingMandiant Scattered SpiderReuters report
2023 · Australia · Transportation
high

DP World Australia Ports

Eksploitasi Citrix NetScaler memaksa operator pelabuhan terbesar Australia memutus jaringan.

Citrix Bleed (CVE-2023-4966)
ACSC / Cyber.gov.auReuters
2023 · Indonesia · Financial
high

Bank Syariah Indonesia (LockBit)

Ransomware melumpuhkan bank syariah terbesar Indonesia dan memicu reformasi tata kelola siber sektor finansial.

LockBit 3.0 ransomwareLockBitLockBit
Reuters BSI LockBitBleepingComputer
2023 · USA · Manufacturing
high

Boeing Parts Distribution (LockBit)

Konfirmasi rinci eksploitasi Citrix NetScaler Boeing setelah ransom tidak dibayar.

Citrix Bleed (CVE-2023-4966)LockBitLockBit
CISA AA23-325A (Citrix Bleed)BleepingComputer Boeing
2023 · Global · Multi
critical

MOVEit Transfer (Cl0p)

Eksploitasi massal aplikasi managed file transfer MOVEit oleh geng Cl0p — kampanye pencurian data terbesar 2023.

SQLi zero-day CVE-2023-34362Cl0pCl0p (TA505)
CISA AA23-158AProgress MOVEit advisoryEmsisoft tracker
2023 · USA · Healthcare
high

Henry Schein (BlackCat)

Distributor dental & medical Fortune 500 dua kali terkena ransomware dalam setahun.

BlackCat/ALPHV ransomware (2x)BlackCatBlackCat
Henry Schein 8-KBleeping Computer
2023 · USA · Hospitality
high

MGM Resorts Outage

Vishing helpdesk membuka pintu BlackCat di operator kasino besar.

Vishing → BlackCatBlackCatScattered Spider
MGM 8-K SECMandiant Scattered Spider
2023 · Asia · Energy
high

RedFly National Grid Asia

Operator China bersembunyi 6 bulan di jaringan operator grid Asia.

ShadowPad persistenceRedFly
Symantec Threat Hunter
2023 · UK · Nuclear
high

Sellafield UK Nuclear Allegations

Allegasi The Guardian tentang persistensi malware di fasilitas nuklir UK.

Long-term unknown malware
The Guardian investigation
2023 · UK · Transportation
high

Royal Mail LockBit

Pos nasional UK lumpuh untuk pengiriman luar negeri akibat LockBit.

LockBit ransomwareLockBitLockBit
Royal Mail update
2023 · USA · Manufacturing
high

Applied Materials via MKS

Insiden supplier semikonduktor merembet ke vendor equipment besar.

MKS Instruments supplier ransomware
Applied Materials 10-Q
2023 · UK · Hospitality
medium

Yum! Brands Ransomware

Ransomware mengganggu operasi rantai restoran besar di UK.

Ransomware
BleepingComputer
2023 · USA · Government
high

City of Dallas Royal

Ransomware Royal melumpuhkan layanan kota Dallas selama lebih dari sebulan.

Royal ransomwareRoyal
City of Dallas response
2023 · USA · Finance
critical

ICBC US LockBit Citrix Bleed

Eksploitasi Citrix Bleed di bank terbesar dunia mengguncang pasar US Treasury.

Citrix Bleed → LockBitLockBitLockBit
Reuters ICBC
2023 · USA · Aerospace
high

Boeing Distribution LockBit

LockBit memublikasikan data Boeing setelah ransom tidak dibayar.

Citrix Bleed → LockBitLockBitLockBit
Boeing statement via CyberScoop
2023 · USA · Manufacturing
high

Johnson Controls Dark Angels

Building management & HVAC global terkena ransomware besar.

Dark Angels ransomwareDark Angels
Johnson Controls 8-K
2023 · Global · Multi
critical

Clop MOVEit Mass Exploit

Zero-day MOVEit dieksploitasi massal oleh Clop sepanjang 2023.

MOVEit Transfer 0-dayClopClop
CISA AA23-158AMandiant MOVEit
2023 · Japan · Transportation
high

Port of Nagoya LockBit

Sistem manajemen kontainer pelabuhan Jepang terkena LockBit.

LockBit ransomwareLockBitLockBit
NUTC statement (JP)
2023 · Australia · Transportation
high

DP World Australia Outage

Operator pelabuhan global lumpuh di Australia akibat insiden cyber.

Cyber incident
DP World statement
2023 · Canada · Oil & Gas
high

Suncor Petro-Canada

Operator migas terintegrasi Kanada terkena insiden cyber.

Cyberattack
Suncor statement
2022 · Ukraine · Energy
high

Industroyer2

Evolusi Industroyer dengan target hardcoded.

IEC-104Industroyer2Sandworm
ESET Industroyer2CERT-UA #4435
2022 · · · Multi
critical

Pipedream / Incontroller

Framework malware ICS modular paling canggih.

Multi-vendor toolkitPipedreamChernovite
CISA AA22-103ADragos PIPEDREAMMandiant INCONTROLLER
2022 · Europe · Telecom
high

Viasat KA-SAT Wiper

Wiper firmware modem satelit di awal invasi Ukraina.

AcidRain wiperAcidRainSandworm
Viasat KA-SAT incident reportSentinelOne AcidRain analysis
2022 · Japan · Manufacturing
high

Kojima → Toyota Shutdown

Insiden supplier Tier-1 memaksa Toyota shutdown nasional.

Supplier ransomware
Toyota NewsroomReuters coverage
2022 · Portugal · Telecom
high

Vodafone Portugal Outage

Serangan cyber terhadap core network operator telekomunikasi besar.

Cyberattack on core network
2022 · Costa Rica · Government
critical

Costa Rica National Emergency

Pertama kali sebuah negara mendeklarasikan darurat nasional akibat ransomware.

Conti ransomwareContiConti
2022 · Italy · Manufacturing
high

Luxottica Data + Ops

Insiden cyber besar pada produsen kacamata global.

Ransomware
2022 · Germany · Manufacturing
high

Semikron Ransomware

Ransomware pada produsen komponen power semiconductor.

LV ransomwareLV
2022 · Malaysia · Transportation
high

AirAsia Daixin Leak

Maskapai LCC besar Asia Tenggara terkena ransomware double-extortion.

Daixin ransomwareDaixin
2022 · Indonesia · Oil & Gas
high

MyPertamina Data Leak (Bjorka)

Kebocoran data aplikasi ritel BBM Pertamina yang diklaim aktor Bjorka — momentum perbaikan keamanan nasional.

API enumeration (dugaan)Bjorka
2022 · Iran · Manufacturing
critical

Iran Khouzestan Steel Mill Fire

Hacktivist canggih menyebabkan kerusakan fisik baja Iran via OT.

OT sabotagePredatory Sparrow
Check Point Research
2022 · Japan · Manufacturing
high

Toyota Japan All-Plant Halt

Insiden supplier menghentikan seluruh produksi Toyota Jepang dalam sehari.

Kojima Industries supplier hack
Toyota newsroom
2022 · USA · Manufacturing
high

Bridgestone Americas LockBit

LockBit menyerang anak perusahaan Bridgestone Amerika.

LockBit 2.0LockBitLockBit
BleepingComputer
2022 · Germany · Energy
high

Nordex Wind Conti

Produsen turbin angin Jerman lumpuh; remote control turbin offline.

Conti ransomwareContiConti
Nordex statement
2022 · Germany · Energy
medium

Deutsche Windtechnik

Operator service turbin angin Jerman kehilangan remote monitoring.

Ransomware
Recorded Future / The Record
2022 · Germany · Energy
high

Enercon Viasat Satellite Loss

Wiper Sandworm pada modem satelit melumpuhkan armada turbin angin.

AcidRain pada modem KA-SATAcidRainSandworm
Enercon press release
2022 · Germany · Manufacturing
high

Continental LockBit 3.0

Supplier otomotif Jerman besar terkena LockBit dengan eksfil masif.

LockBit 3.0LockBitLockBit
Continental statement
2022 · India · Energy
high

Tata Power Hive

Salah satu utility listrik terbesar India terkena Hive ransomware.

Hive ransomwareHiveHive
Reuters Tata Power
2022 · Germany · Oil & Gas
high

Oiltanking & Mabanaft

Operator terminal BBM Jerman terkena BlackCat menjelang krisis energi.

BlackCat ransomwareBlackCatALPHV
BleepingComputer
2022 · Switzerland · Transportation
medium

Swissport BlackCat

Operator ground handling bandara terbesar dunia terkena BlackCat.

BlackCat ransomwareBlackCatALPHV
Swissport statement
2022 · Europe · Telecom
critical

Viasat KA-SAT Attack (Detail)

Wiper firmware modem KA-SAT dilancarkan Sandworm di jam pertama invasi.

AcidRain wiperAcidRainSandworm
Viasat incident report
2021 · USA · Oil & Gas
critical

Colonial Pipeline

Ransomware IT memaksa shutdown OT preventif.

VPN tanpa MFA → DarkSideDarkSideDarkSide
CISA AA21-131AFBI press release
2021 · USA · Water
high

Oldsmar Water Treatment

Demonstrasi bahaya remote access tak aman di utilitas kecil.

TeamViewer publik
FBI/CISA Joint AlertWired report
2021 · USA/AU · Manufacturing
high

JBS Foods Ransomware

Ransomware melumpuhkan produsen daging terbesar dunia.

REvil ransomwareREvilREvil
FBI statement on JBSDoJ on Sodinokibi/REvil
2021 · USA · Water
medium

Florida Bay County Water

Insiden water utility AS yang mengungkap eksposur remote access masif.

Insider / remote access
CISA AA21-042A
2021 · Australia · Manufacturing
high

JBS Australia Beef Shutdown

Cabang lokal terdampak insiden global JBS.

REvil ransomwareREvilREvil
2021 · USA · Multi
critical

Kaseya VSA (REvil)

Eksploitasi VSA on-prem memungkinkan REvil men-deploy ransomware massal lewat jalur MSP.

Zero-day Kaseya VSA → MSPREvilREvil
CISA AA21-187AKaseya VSA security advisory
2021 · USA · Manufacturing
high

Kia Motors America Outage

Layanan IT Kia Amerika lumpuh; ransomware DoppelPaymer dilaporkan.

DoppelPaymer (alleged)DoppelPaymer
BleepingComputer
2021 · Taiwan · Manufacturing
high

Acer REvil USD 50M

Eksploitasi MS Exchange dipakai REvil menyerang produsen laptop besar.

REvil via MS ExchangeREvilREvil
BleepingComputer
2021 · Germany · Chemical
high

Brenntag DarkSide

Distributor kimia global dipaksa membayar tebusan ke DarkSide.

DarkSide ransomwareDarkSideDarkSide
BleepingComputer
2021 · Japan · Healthcare
high

Olympus BlackMatter

Produsen alat medis Jepang terkena BlackMatter dua kali dalam dua bulan.

BlackMatterBlackMatter
Reuters coverage
2021 · South Africa · Transportation
critical

Transnet Ports South Africa

Ransomware melumpuhkan pelabuhan kontainer terbesar Afrika Selatan.

Death Kitty / HelloKitty variantHelloKitty
Reuters Transnet
2021 · USA · Transportation
medium

Port of Houston Recon

Aktor APT mencoba menembus pelabuhan Houston via 0-day Zoho.

Zoho ManageEngine 0-dayAPT
CISA AA21-259A
2021 · USA · Water
medium

Florida Water Audit

Audit nasional pasca-Oldsmar mengungkap eksposur masif utility air kecil.

Audit pasca-Oldsmar