What the ACSC Cyber Threat Report Means for OT Operators 


As industrial and critical-infrastructure operators accelerate their digital transformation journeys, the operational-technology (OT) environments that underpin our factories, utilities, mining sites and supply chains are increasingly in the crosshairs of cyber threat actors. The latest ACSC Cyber Threat Report paints a sobering picture of evolving adversary capabilities and mounting risk. For OT leaders, now is the time to interpret these trends through an OT-specific lens and act accordingly.

1. Greater Sophistication of State-Sponsored and Criminal Actors

The latest ACSC Cyber Threat Report makes clear that Australia is facing “the most complex and challenging strategic environment since the Second World War”. Malign state actors and cybercriminal groups alike are refining their tradecraft, employing remote-access trojans, reconnaissance, supply-chain exploitation and ransomware that pivots from IT into OT and critical-infrastructure environments. The report notes that threats to our networks, critical systems and infrastructure are intensifying.

For OT operators, this means that the assumption that ancient OT systems are somehow off-limits no longer holds. Legacy and bespoke control systems are now legitimate targets, particularly where they provide lateral pathways from IT. The operational disruption or physical-safety implications of such attacks make OT environments uniquely attractive to threat actors looking to cause national-scale harm.

2. Critical Infrastructure Targeted and Incident Volumes Rising

In the current reporting period, the ACSC documented more than 36,700 calls to its hotline and over 87,000 cybercrime reports—on average one every six minutes. Importantly, about 11 per cent of the cyber-security incidents handled by the ACSC directly involved assets classed as critical infrastructure. This confirms what many in the industry have suspected: ACSC Cyber Threat Report data shows that industrial targets are no longer just collateral damage; they are the primary objective.

For OT operators, the implication is clear: the threat surface is no longer abstract—it is real, observable and growing. Control-system breach, OT ransomware, supply-chain compromise and degraded availability of service are no longer “what-if” scenarios but “when”. Organisations must treat their OT infrastructure as part of the national critical-infrastructure fabric and plan accordingly.

3. Supply-Chain and Vulnerabilities: Higher Risk of OT Compromise

Many compromises rely not on highly bespoke zero-day malware, but on unpatched or mis-configured systems, and exploitation via third-party service providers. The ACSC Cyber Threat Report emphasises this further by referencing visibility, network-connected systems and the need for stronger partnerships and reporting. For OT environments—where hardware may persist for decades and patching windows are constrained—this is a critical vulnerability.

The supply chain into OT (vendors, integrators, remote-service providers) now represents a direct avenue for threat actors. OT operators must prioritise inventory, segmentation, vendor-management and vulnerability-monitoring across systems that may not have been designed for current threat profiles. This visibility is the first step toward true resilience.

4. Ransomware and Extortion Affecting Industrial Firms

While ransomware figures are often cast in broad terms, the ACSC Cyber Threat Report highlights a marked rise in incidents. Many of these attacks leverage lateral movement from IT networks into operational systems. For OT leaders, the threat is no longer purely data-theft: the risk of production stoppage, equipment damage, safety breaches or regulatory shutdown is real. Resilience planning must assume ransomware actors multiply their leverage by bridging IT/OT domains.

The Orro View: “OT cyber-resilience hinges on three pillars: visibility, segmentation and preparedness. COMPLACENCY IS NO LONGER AN OPTION. Firms that embed OT-cyber as part of their wider risk roadmap are better placed to cope with today’s adversarial landscape.”

Conclusion

The latest ACSC Cyber Threat Report delivers a clear warning: threats targeting operational systems and critical infrastructure are evolving and escalating. Ignoring the OT dimension exposes organisations to undesired outcomes in safety, compliance and continuity. If you’re concerned about the resilience of your operational environments, Orro’s experts can help you assess where your organisation stands.


Sources: Australian Cyber Security Centre (ACSC) Annual Cyber Threat Report 2023–24; Australian Government Department of Defence media release. Additional context from Claroty and Fortinet partner materials.
