
⚡ OT Blind Spot Leaves Millions Dark

Spain and Portugal blackouts leave investigators unable to determine if cause was cyberattack or technical failure—highlighting catastrophic gap in operational technology monitoring. Advanced AI reasoning models show alarming security weaknesses.

Welcome to your essential briefing on threats at the intersection of cybersecurity and critical infrastructure, brought to you by Neeve, the edge cloud security platform for smart buildings, making built spaces secure, intelligent, and sustainable.

This Week’s Cyber Insights

⚡ The Dangerous Blind Spot in Critical Infrastructure Cybersecurity

Power blackouts in Spain and Portugal left millions without electricity for hours in April 2025, yet investigators still can't determine if the disruptions were caused by maintenance issues, configuration changes, or deliberate cyberattacks—highlighting a catastrophic gap in operational technology monitoring.

  • Critical infrastructure, including electric grids, water treatment facilities, and industrial plants, remains alarmingly under-equipped for cybersecurity despite deep interconnection and digitalization.

  • While IT cybersecurity receives attention and investment, operational technology (OT) systems—the industrial control systems that make critical infrastructure critical—are often overlooked and presumed secure simply because they traditionally operated offline.

  • When serious outages occur without adequate monitoring, investigators find themselves in the dark—OT network data is often transitory and lost forever, forcing responders to rely on guesswork and incomplete evidence.

  • The inability to perform timely root cause analysis creates cascading problems: organizations can't determine the best recovery actions, warn other operators of ongoing threats, or learn from incidents to prevent future exploitation.

  • The US Federal Energy Regulatory Commission (FERC) recently approved Internal Network Security Monitoring (INSM) Standard CIP-015-1, mandating monitoring of internal network traffic and detection of malicious activity for critical electric utility OT environments.

🤔 The Bigger Picture: 

Building automation systems, HVAC controllers, and access control platforms face the same visibility gap—when your facility experiences an unexplained outage, can you prove it wasn't a cyberattack? Without OT monitoring capabilities, facility operators lack forensic evidence for insurance claims, regulatory disclosures, and incident response. Implement continuous network monitoring for all operational technology before an incident occurs, because once the data is gone, you'll never know what really happened.

🤖 Advanced AI "Thinking" Models Show Alarming Security Weakness

New research reveals a concerning paradox: the more sophisticated AI reasoning models become, the more vulnerable they are to jailbreak attacks that can bypass their safety systems.

  • Study finds that advanced reasoning capabilities in AI models inadvertently weaken their safety systems

  • These vulnerabilities make AI models more prone to exploitation by malicious actors

  • The research raises significant concerns about AI security across various sectors

  • Experts emphasize the urgent need for improved safety measures and robust testing protocols

  • Current AI applications may be operating with previously unknown security risks

🤔 The Bigger Picture: 

Smart building systems increasingly rely on AI reasoning models for automation and decision-making. These vulnerabilities could potentially compromise building security, HVAC controls, and access management systems.

🔴 Radiometrics VizAir System Under Critical Threat

CISA has issued an urgent advisory for Radiometrics VizAir system vulnerabilities scoring a perfect 10.0 CVSS rating - the highest possible severity level.

  • Critical vulnerability rated CVSS 10.0 - indicating maximum severity risk

  • System suffers from missing authentication for critical functions

  • Insufficiently protected credentials create additional attack vectors

  • Vulnerabilities are exploitable remotely with low attack complexity

  • CISA strongly advises immediate implementation of mitigation measures

🤔 The Bigger Picture: 

Weather monitoring systems are critical for building automation and safety systems. Compromised weather data could lead to incorrect HVAC adjustments, emergency response failures, or compromised building environmental controls.

Further Alerts & Insights

🚀 Google Predicts AI Will Dominate Cybersecurity in 2026

Google forecasts that AI will take center stage in cybersecurity transformations next year, while MITRE updates its ATT&CK framework and McKinsey releases new agentic AI security guidance. The convergence highlights the critical importance of integrating AI into defense mechanisms against evolving threats targeting critical infrastructure.

🏛️ Congressional Budget Office Targeted in Suspected Foreign Cyberattack

The U.S. Congressional Budget Office reportedly suffered a suspected cyberattack where foreign adversaries may have gained unauthorized access to congressional networks. The incident underscores significant concerns about governmental data security and the urgent need for enhanced cybersecurity measures protecting critical infrastructure from foreign threats.

⚠️ Advantech DeviceOn/iEdge Platform Faces High-Severity Web Vulnerability

CISA warns of a high-severity vulnerability (CVSS 8.7) in Advantech's DeviceOn/iEdge platform, involving improper input neutralization during web page generation. The flaw is remotely exploitable with low attack complexity, prompting urgent recommendations for organizations to implement protective mitigations.

🔧 ABB FLXeon Controllers Contain Multiple Critical Vulnerabilities

CISA has issued an advisory for ABB's FLXeon Controllers, revealing critical vulnerabilities with a CVSS score of 8.7. The issues include hard-coded credentials and improper input validation, making the systems remotely exploitable with low complexity and requiring immediate implementation of security measures.