Flash Briefings

critical

Critical Unpatched RCE in Siemens RUGGEDCOM and ScadaBR — No Fix Available for Either

CISA's May 19 ICS advisories flag unauthenticated root-level code execution in Siemens RUGGEDCOM APE1808 and ScadaBR SCADA software. Neither has a patch. The ScadaBR vendor has not responded to CISA.

critical Volt Typhoon

Volt Typhoon Activity Confirmed Across UK Water and Energy OT Networks

NCSC and Five Eyes partners have confirmed Volt Typhoon intrusions into operational technology networks at UK water treatment and regional energy distribution operators. The group is not causing disruption — it is waiting.

Deep Analysis

critical Volt Typhoon 18 min read

Volt Typhoon: The Long Game in Western Critical Infrastructure

A deep analysis of Volt Typhoon's objectives, methods, and targets — and what the sustained Chinese pre-positioning campaign in Western CNI means for how operators, regulators, and governments need to respond.

Commentary

9 min read

The Attack Is Coming From Inside the Country: China's Compromised-Device Networks and Why Your Perimeter Controls Miss Them

A joint advisory from CISA, NCSC, and ten allied nations describes how China-linked threat actors have abandoned dedicated attack infrastructure in favour of networks of compromised home routers and IoT devices. The implication for defenders is worse than it sounds.

8 min read

The OT/ICS Blind Spot: Why Your Cyber Risk Picture Is Missing Half the Picture

Most boards have a reasonable grasp of IT cyber risk. Almost none have adequate visibility into the operational technology that runs their industrial processes, utilities, and physical infrastructure. This gap is exactly what state actors are exploiting.

7 min read

Nation-State Threats: What Business Leaders Get Wrong and Why It Matters

Most executives conflate nation-state cyber activity with the ransomware threat they're more familiar with. They are different in purpose, method, and the defences required. Getting this wrong shapes your entire risk posture.

8 min read

The Real Cost of a Critical Infrastructure Attack: Beyond the Ransom

When a critical infrastructure operator is hit, the ransom payment is usually the smallest line on the eventual damage assessment. The true costs — operational, regulatory, reputational, and systemic — are far larger and far longer-lasting.