After the major blackout we experienced yesterday nationwide, and even in some areas of Europe, the security of critical infrastructure is once again a priority concern in cybersecurity. ESET warns in its report Cybersecurity Trends 2025: Malicious Use of Generative AI and Operational Technologies in the Crosshairs that attacks aimed at essential services, such as energy, transport or water, could intensify in the coming months, driven by the malicious use of artificial intelligence and new intrusion tactics.
According to ESET, cyberattacks on critical infrastructure usually follow a pattern similar to that of attacks on public- or private-sector companies. It all starts with an entry point, which can range from a vulnerability in an outdated system to a social engineering technique that tricks an employee or supplier with access to the systems.
Once inside, the attackers execute the threat with the aim of causing the greatest possible damage. This can mean the destruction of systems, the theft or hijacking of information through ransomware, or even the disruption of the infrastructure's operation.
“Anywhere from a few minutes to months can pass between each phase of a cyberattack, depending on the attackers' final objective,” explains Josep Albors, head of research and awareness at ESET Spain. “We must also take into account that not all attacks on critical infrastructure have a geopolitical motivation; many respond to economic interests and can collaterally affect essential services.”
Recent cases: from the conflict in Ukraine to attempts in the US
Recent years have demonstrated the real impact of this type of threat. In 2015, an attack with the BlackEnergy malware left hundreds of thousands of citizens in Ukraine without electricity. In 2016, another malware family, Industroyer, affected the country's capital, and in 2022 its Industroyer2 variant tried to replicate the damage during the war, although without success thanks to the coordinated action of Ukraine's CERT and ESET experts.
Beyond the context of war, similar threats have also been detected in other countries. In the United States, for example, an attempt to sabotage a water treatment plant was thwarted, which highlights the fragility of systems that until recently were not connected to public networks.
In addition, as critical infrastructures adopt digital technologies to optimize their operation, they also expand their attack surface. “As these facilities have been connected to various networks, the risks they face have also increased,” Albors warns. “Although there are mechanisms to mitigate practically every kind of attack, it is essential not to rule out the possibility that an incident has a non-cyber origin, such as technical or human failures.”
After the blackout: ESET recommendations
To reduce risks, ESET suggests a comprehensive approach that combines technology, processes and training:
- Implement Threat Intelligence and Threat Hunting solutions to detect threats before they materialize.
- Design clear incident response plans.
- Adopt the Zero Trust model and a layered security architecture.
- Promote continuous training on information security.