The ongoing conflict between Russia and Ukraine isn’t just fought on battlefields; it’s also a constant struggle in the digital realm. New strains of destructive malware targeting critical infrastructure continually make headlines.
Cisco Talos recently uncovered a never-before-seen data wiper called PathWiper, used in a 2025 attack against a critical infrastructure entity in Ukraine. The likely initial access vector was an Endpoint Admin tool, used to push cleverly disguised malicious commands to certain endpoints. PathWiper quickly identified and overwrote connected storage.
On the other side of the conflict, significant cyber activity has also been observed. A Russian cybersecurity company, BI.ZONE, revealed campaigns targeting Moldovan and Russian companies, including those in the nuclear, aircraft, instrumentation, and mechanical engineering sectors in Russia. Kaspersky researchers also reported on a pro-Ukrainian hacktivist group targeting Russian state-owned companies and organizations in the technology, telecommunications, and production sectors.
Most of these attacks cause destruction on the IT network; however, the targeted industries raise concerns about the potential real-world impact if these attacks were to spill into the OT space.
Cybersplice offers solutions that can help protect against collateral damage and targeted attacks against Operational Technology, providing rapid visibility of OT networks using our Splicecloud platform. Cybersplice can also create a secure private sensor network via Splice-net, which is an encrypted overlay network that works on top of existing carrier infrastructure, offering secure, carrier-independent connectivity. Furthermore, Cybersplice provides an ICS Secure Access Edge that incorporates logical isolation, vulnerability shielding via an encrypted overlay network, passive node discovery, and secure remote access for operators and support partners.