Daily OT Security News: May 05, 2026

Daily briefing covering the latest cybersecurity developments in Operational Technology (OT), Industrial Control Systems (ICS), Internet of Things (IoT), and Cyber-Physical Systems (CPS). Published May 05, 2026.

CISA Launches “CI Fortify” to Enhance Crisis Resilience in Critical Infrastructure

The Cybersecurity and Infrastructure Security Agency (CISA) introduced “CI Fortify,” a new initiative aimed at helping critical infrastructure operators maintain operations during cyber crises. The guidance emphasizes two key capabilities: Isolation—enabling systems to function independently from third-party networks—and Recovery, focusing on rapid restoration of compromised systems while isolated. CISA Acting Director Nick Andersen urged immediate adoption, highlighting the growing threat landscape facing OT environments.

Source: CISA

Nexcorium Botnet Exploits IoT DVR Flaws for Sophisticated Multi-Vector DDoS Attacks

FortiGuard Labs uncovered the Nexcorium botnet, a Mirai variant leveraging CVE-2024-3721—a remote OS command injection vulnerability in TBK DVR-4104 and DVR-4216 devices—to build a resilient attack infrastructure. The botnet employs a four-layer persistence mechanism and supports over ten DDoS vectors, also exploiting the older CVE-2017-17215 Huawei router flaw. Experts warn that inadequate IoT device hygiene enables lateral movement and sustained attacks, underscoring the need for proactive patch management in OT and IoT ecosystems.

Source: Security Buzz

Industrial Ransomware Incidents Surge 49%, Highlighting IT-to-OT Lateral Threats

INE reports a 49% year-over-year increase in ransomware attacks targeting industrial organizations, affecting over 3,300 entities globally, with manufacturing comprising more than two-thirds of victims. Notably, 78% of incidents originate within IT networks before spreading laterally into OT environments. Organizations with advanced OT visibility reduced containment times to 5 days compared to the 42-day industry average, emphasizing the critical role of integrated IT/OT security monitoring and rapid response.

Source: INE

FERC Proposes Updated Cybersecurity Requirements for Hydropower SCADA Systems

The Federal Energy Regulatory Commission (FERC) released a draft revision to Section 9.0 of its Security Program for Hydropower Guidance, targeting enhanced cybersecurity for SCADA and ICS in hydropower projects. Key updates include mandatory multi-factor authentication for remote access, strengthened supply-chain risk management, rigorous patch management for control components, and strategies for managing end-of-life equipment. Stakeholders have until May 18, 2026, to submit comments, marking a significant step toward standardized OT security in the energy sector.

Source: Troutman Energy Report

OT Providers Excluded from Anthropic’s Mythos AI Cybersecurity Rollout, Raising Industry Concerns

Operational technology vendors express frustration over their exclusion from Anthropic’s Project Glasswing, which leverages the Mythos AI model for automated vulnerability patching. The initial deployment targets major technology and financial firms, omitting OT and critical infrastructure sectors despite recent Tehran-backed cyberattacks exploiting Rockwell Automation control systems. The exclusion highlights challenges in patching physical OT systems, which often cannot be taken offline without disrupting operations, underscoring the need for tailored AI-driven solutions in OT security.

Source: Nextgov


This briefing is compiled and published daily by Viakoo. For more information on IoT security, visit the Viakoo Blog.
