The Fight Against Ransomware Heats Up on the Factory Floor

Steven

The Fight Against Ransomware Heats Up on the Factory Floor

Summary

Ransomware actors continue to prioritise manufacturing, exploiting the sector’s large attack surface, legacy operational technology (OT) and tight tolerance for downtime. Recent industry reports (Black Kite, Dragos, BitSight) show manufacturing as the top target: 22% of reported attacks between April 2024 and March 2025, and a high share of industrial incidents in Q2 2025.

Attackers now use ransomware-as-a-service, extortion-only tactics and increasingly AI to refine attacks. The article highlights patch management as a critical weak point and explains how disruption to production creates strong incentives for victims to pay. Recommended defences include prioritised patching, improved IT/OT visibility and segmentation, multifactor authentication, least-privilege access and robust third-party risk management.

Key Points

  • Manufacturing was the top ransomware target in multiple reports β€” 22% of attacks (1,314 of 6,046) in Apr 2024–Mar 2025 per Black Kite.
  • RaaS, data-extortion (no encryption) and AI-driven tactics are lowering barriers and increasing attack sophistication.
  • Manufacturing’s mix of legacy OT, IoT and modern IT widens the attack surface and complicates patching and segmentation.
  • Poor patch management is singled out as the weakest link: many organisations run with critical vulnerabilities and known exploited CVEs.
  • Real-world disruption (e.g. Asahi, Jaguar Land Rover) shows how downtime prompts ransom payments and supply-chain fallout.
  • Practical mitigations: timely patching, full IT/OT network visibility, strong segmentation, MFA, least-privilege/zero-trust and proactive third-party risk controls.

Why should I read this?

Short version: if you care about keeping factories running or protecting supply chains, this is a quick reality check. It explains why attackers love manufacturing, shows the real costs of downtime, and tells you the practical steps that actually reduce risk. We read it so you don’t have to β€” but you should.

Context and Relevance

The piece matters because manufacturing disruptions ripple through global supply chains and can cause wide economic impact. Insurers are seeing rising industrial claims, and the adoption of AI by attackers makes the threat more dynamic. For security teams and operational leaders, the article reinforces that fixing patch management and improving IT/OT collaboration are urgent priorities. Closing those gaps across partner ecosystems is key β€” otherwise the trend of targeted attacks will continue.

Source

Source: https://www.darkreading.com/ics-ot-security/ransomware-manufacturing-an-escalating-battle