Red Flags for OT Abound in Dragos Review of 2025

Ransomware, Lack of Visibility, Mischaracterizations and Nation-States, Oh My Shaun Waterman • February 19, 2026

There is a silent epidemic of ransomware attacks on commercial operational technology systems, which are mischaracterized as IT incidents even though they impact operational systems, claims a comprehensive annual review of cyberattacks targeting OT, published this week by security firm Dragos.

See Also: How 72% of Enterprises Are Rewriting Cyber Resilience Playbooks

The report outlines worrying trends in the activities of nation-state level OT hacker groups, which are increasingly moving from initial access efforts to operations designed to reconnoiter OT systems and pre-position for attacks with real world effects.

Data collected by Dragos found ransomware attacks on OT systems are routinely mischaracterized, founder and CEO Rob Lee told reporters. "It's hard to estimate the percentage, but a lot of these [OT ransomware] cases are getting misidentified" as IT incidents, he said ...