Hacktivism is increasingly merging with cybercriminal and state interests, expanding beyond defacements and DDoS to more advanced operations, including attacks on critical infrastructure. 

Understanding the current tactics, techniques and procedures (TTPs) of the most relevant hacktivist groups provides insight into the modern threat landscape. 

In this talk, we’ll review some of the most relevant groups, alliances and attacks and discuss lessons learned, including the need to eliminate default credentials, segment OT networks rigorously, and deploy deep-packet inspection for threat detection.