Dragos Reports Three New Threat Groups Targeting ICS/OT in 2025
In 2025, Dragos identified three new threat groups targeting industrial control systems (ICS) and operational technology (OT): Sylvanite, Azurite, and Pyroxene. These groups exploit vulnerabilities and steal sensitive operational data from various sectors globally, including the US, Taiwan, and Europe. Sylvanite acts as a broker for the group Voltzite, while Azurite has connections to multiple other threat groups and targets critical infrastructure. Pyroxene specializes in cross-domain access, using social engineering and wiper malware to disrupt operations.
Theia Market Signal Identification - AI Assisted
Dragos has reported three new threat groups targeting ICS/OT in 2025: Sylvanite, Azurite, and Pyroxene. Sylvanite facilitates access to critical infrastructure for Voltzite, exploiting vulnerabilities rapidly.
Azurite has stolen operational data from multiple sectors across the US, Taiwan, Japan, South Korea, Australia, and Europe. Pyroxene specializes in cross-domain access and employs social engineering tactics.
Additionally, the Russia-linked Kamacite group has expanded its reconnaissance efforts, scanning industrial devices in the US and targeting Poland's power grid. Threat actors are increasingly focused on data theft and disruption.
Comments