Daily OT Security News: July 18, 2026




Daily OT Security News: July 18, 2026

Today’s OT threat landscape is dominated by high-impact ransomware and active zero-day exploitation that cross the IT/OT boundary, a record Microsoft Patch Tuesday revealing many device-level flaws, and strategic industry responses to harden critical infrastructure. Incidents and analyses out of manufacturing, automotive, and food sectors reinforce that supplier access, edge appliances, and aging embedded devices remain primary vectors for disruptive cyber-physical attacks.

Ransomware Forces Fairlife to Halt All U.S. Dairy Production

Coca‑Cola’s Fairlife unit suspended U.S. manufacturing after a ransomware attack impacted production systems, illustrating how a corporate-network breach can rapidly reach plant-floor CPS and OT controls. Product safety was not reported affected, but the outage is being framed as a sector-wide wake-up call given supplier access risks and the tight IT/OT integration in food & beverage operations.

Source: Food Processing

Active Exploitation of SonicWall SMA Zero-Days Enables INC Ransomware Lateral Moves

Attackers from the INC ransomware group have been exploiting two SonicWall SMA flaws (CVE-2026-15409 SSRF, CVE-2026-15410 code injection) to achieve unauthenticated root RCE, exfiltrate credentials, session stores and TOTP seeds, and pivot to domain controllers. CISA added both CVEs to its KEV catalog and SonicWall released emergency hotfixes; defenders are urged to treat edge appliances with an assume‑breach posture and patch immediately.

Source: Dark Reading

Jaguar Land Rover Retrospective Underscores Production Risks of IT/OT Convergence

A new analysis of the August 2025 Jaguar Land Rover incident — the most costly cyber event in UK history — shows five-week plant shutdowns, a 27% drop in UK car production in September 2025, and an estimated £1.9 billion economic impact that cascaded through just‑in‑time supply chains. The case reinforces that in converged environments containment often requires halting OT operations and that recovery timelines extend far beyond initial remediation.

Source: Industrial Defender

NCC Group and Siemens Announce UK Partnership to Strengthen OT Resilience

NCC Group and Siemens signed a Memorandum of Understanding to collaborate on OT cybersecurity for UK industry, energy and defence, combining Siemens’ automation expertise with NCC’s cyber resilience services to protect operators and supply chains. The agreement signals growing private-sector investment in industrial cybersecurity and emphasizes coordinated approaches to asset lifecycle and supply-chain risk management.

Source: Security Brief

Microsoft July Patch: 570 Vulnerabilities Highlight OT/IoT Device Exposure

July’s Patch Tuesday fixed a record 570 vulnerabilities — including three zero‑days, two currently exploited flaws, and 59 critical ratings — with several patches addressing OT and IoT device issues. Security experts warned that aging embedded devices and unpatched third‑party components in critical infrastructure elevate operational risk, recommending prioritized patching, compensating controls, and lifecycle management for device fleets.

Source: eSecurity Planet

These developments underline the need for continuous OT/ICS vigilance: assume breaches at network edges, enforce strict supplier access controls, prioritize actively exploited and edge-device patches, and invest in cross‑sector partnerships and lifecycle management to reduce the risk of production‑stopping incidents.


Share this