INFRASTRUCTURE attacks with physical consequences fell by 25% in 2025, marking a notable lull in major OT incidents at industrial and critical infrastructure sites, according to Waterfall Security Solutions. The quantity of physically impactful OT attacks dropped from 2024 and 2023 levels, with Waterfall’s newly published annual report identifying just 57 such incidents in 2025.
By contrast, 2024 saw 76 incidents, and earlier years had far fewer; the trend reversal now prompts questions about whether protections are finally taking hold or if reporting patterns have changed. Notably, the Jaguar Land Rover attack last summer is cited as one of the most expensive cyber incidents, with losses estimated at about a billion dollars for the company and around $2.5 billion to the UK economy.
The piece also notes that some attackers found exposed HMIs via Shodan or similar means and accessed systems with default or stolen passwords, highlighting a basic security risk. The article, by Nate Nelson, was published on 27 March 2026.