Groups From China, Russia, Iran Hitting OT Systems Worldwide

Threat Groups Are Mapping OT Networks for Future Targeting, Warns Dragos Jayant Chakravarti (@JayJay_Tech) • March 13, 2025

Several nation-state groups are actively targeting operational technology systems, with the most prominent being a China-linked threat group called Voltzite, which is attacking critical infrastructure organizations to steal network diagrams, OT operating instructions and information about geographic information systems to help prepare for disruptive attacks, according to cybersecurity firm Dragos.

See Also: A Modern Approach to Data Security

Dragos said Wednesday that Voltzite - one of three active nation-state groups the company is tracking - shows extensive technical overlaps with Chinese state-sponsored hacker group Volt Typhoon, infiltrates OT networks by exploiting vulnerabilities in internet-facing VPN appliances and firewalls, and uses tools available on compromised systems to achieve persistence and evade detection.

Dragos researchers said the threat group, known for exclusively targeting OT infrastructure, set up complex chains of network infrastructure using compromised small ...