Module 11 · ICS Threat Actors

Manish Garg
Manish Garg Associate of (ISC)² · RingSafe
Apr 27, 2026
1 min read
Read as

Last updated: April 29, 2026

100% Free

No signup. No paywall. No catch. One of our 10 most-requested practitioner modules — published in full so anyone can learn for free. We earn through consulting, not by gating knowledge.

See all 10 free modules →

ICS attacks have public-policy gravity. Each provides defender learning.

ICS attacks have public-policy gravity. Each provides defender learning.

The big incidents

  • Stuxnet (2010) — Iranian nuclear centrifuges; multi-stage; PLC manipulation
  • BlackEnergy / Industroyer (2015-16) — Ukraine power grid; substations
  • TRITON / TRISIS (2017) — Saudi petrochemical; targeted safety systems
  • Colonial Pipeline (2021) — IT-side ransomware; OT shutdown precautionary
  • Pipedream / Incontroller (2022) — modular ICS toolkit; pre-deployment disclosure
Want this for your team?

Custom team training + practitioner advisory

Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.

Book team training call Replies in 4 working hrs · India-only · Senior consultants
← Previous · Module 10
Module 10 · Bluetooth & Zigbee Security
← Back to Academy Hub
Continue Learning

Other modules in this track

View all modules
Academy
Module 1 · Beginner

IoT vs OT, the Purdue model, defender constraints, threat landscape, notable real-world OT incidents.

Apr 22, 2026 · 4 min read
Academy
Module 2 · Intermediate

Hardware reconnaissance, UART/JTAG, firmware extraction with binwalk, BLE/Zigbee testing, cloud API audit.

Apr 22, 2026 · 5 min read
Academy
Module 3 · Intermediate

Modbus, DNP3, OPC-UA, S7Comm, EtherNet/IP, BACnet — protocol attack surfaces and defenses.

Apr 22, 2026 · 5 min read