Groups From China, Russia, Iran Hitting OT Systems Worldwide

Nation-state threat groups, including China-linked Voltzite, Russia-linked Graphite, and Iran-linked Bauxite, are actively targeting operational technology (OT) systems worldwide. Voltzite, known for its focus on critical infrastructure, steals network diagrams and GIS data to prepare for disruptive attacks, while Graphite and Bauxite target industrial and energy organizations in regions of geopolitical interest. These groups exploit vulnerabilities in VPN appliances and firewalls, utilizing compromised devices to gain access to OT networks and achieve persistence.