Major ransomware incident disrupts U.S. critical infrastructure operations before 2026

Ransomware groups continue targeting operational technology and industrial control systems across U.S. critical infrastructure. CISA's known exploited vulnerabilities catalog and FBI flash advisories show persistent targeting of water utilities, energy operators, and healthcare systems. The shift from pure data theft to operational disruption—encrypting SCADA systems, forcing manual overrides, causing service outages—marks an escalation. This market captures whether that escalation produces at least one confirmed operational disruption at a U.S. critical infrastructure entity before 2026. Qualifying incidents must be publicly reported with confirmed operational impact: service outages, emergency shutdowns, or forced manual operations. Data exfiltration or encryption of business IT without OT/operational impact does not qualify. Sources: CISA advisories, FBI flash alerts, major outlet reporting, sector-specific ISACs.