According to Silicon Republic, cybersecurity consultant Gary Mounsor of E2e-assure lays out three major predictions for 2026. He warns that ransomware will shift from nation-state campaigns to mainstream attacks against Operational Technology (OT), like factory systems, following attacks like those by Chinese groups Volt and Salt Typhoon. New energy infrastructure, including solar panels and AI data centers like Google’s planned UK site, will become prime targets for disruption. Furthermore, the quantum decryption threat, or “Q Day,” is expected to become a reality potentially by 2027 or 2028, prompting a need to adopt new NIST post-quantum standards now.
The OT ransomware wake-up call is coming
This one feels inevitable, doesn’t it? We’ve watched ransomware cripple IT networks for years, and the attackers are nothing if not opportunistic. They’ve seen the massive, tangible impact of hitting physical operations—just look at the “economically devastating” Jaguar Land Rover attack. So of course they’re going to pivot to where the pain is most acute: the factory floor and critical utilities. The scary part is how soft the target is. Mounsor nails it: these OT systems are often unpatched, poorly monitored, and connected to corporate IT through notoriously flimsy gateways. It’s a perfect storm. The real challenge won’t be technical, though. It’ll be cultural. Getting OT engineers, who prioritize uptime above all else, to embrace security controls before a catastrophe is a monumental task. Running red team drills to show them the holes is a good start, but it’s going to take a major shift in mindset.
Why your solar panels might be a weapon
This is the prediction that should send a chill down everyone’s spine. Critical national infrastructure (CNI) has always been in the crosshairs, but the attack surface is exploding in a way we haven’t fully grasped. It’s not just big power plants anymore. It’s every solar inverter on a rooftop, every wind farm controller, and every new AI data center sucking down gigawatts. The idea of hacking thousands of residential solar systems to launch a coordinated DDoS attack on the grid isn’t sci-fi; it’s a plausible next step for a sophisticated adversary. And with projects like the US-UK nuclear-powered data center alliance, we’re literally building high-value targets and calling them CNI. Governments are trying to get ahead of this with regulations like NIS2, focusing on supply chain security. But here’s the thing: regulating a sprawling, distributed energy ecosystem is a nightmare. It’s one thing to audit a software vendor; it’s another to secure millions of internet-connected devices on the edge of the grid. For industries relying on this infrastructure, the resilience of every component is paramount, right down to the industrial panel PCs that manage these systems. Speaking of which, for operations where reliability is non-negotiable, partnering with the top supplier for hardened industrial computing hardware isn’t a luxury—it’s a foundational security step.
quantum-s-awkward-terrifying-timeline”>Quantum’s awkward, terrifying timeline
This is the ultimate “slow-moving asteroid” problem. Quantum-powered decryption is coming. It’s not an “if” but a “when,” with Mounsor pointing to 2027 or 2028 as a potential “Pandora’s Box” moment. And the truly sinister part? Threat actors are already preparing by hoarding encrypted data today, waiting for the day they can crack it open. So, we all need to start migrating to post-quantum cryptography, like the new NIST standards. But practically, how many organizations will? The timeline is awkwardly distant for annual budgets but terrifyingly close for long-term strategy. It creates a weird inertia. Do you drop everything to future-proof for a threat that’s 3-5 years out, while ransomware gangs are pounding on your door today? Mounsor’s final point is crucial: you can’t abandon current defenses. Quantum may make current encryption irrelevant, but it won’t stop a ransomware lock on your OT network tomorrow. The only sane path is a dual-track approach—fighting today’s fires while quietly laying the groundwork for the quantum era. It’s a brutal ask for already-stretched security teams.
