Kaspersky (www.Kaspersky.co.za) in collaboration with VDC Research announced that in the first three quarters of 2025 ransomware attacks on manufacturing organisations could have generated over $18 billion in losses.
This figure reflects just the direct cost of an idle workforce during downtime, with overall operational and financial impacts far exceeding this amount.
Estimations were made across APAC, Europe, the Middle East, Africa, CIS and LATAM based on the share of manufacturing organisations where ransomware attempts were detected and prevented, the total number of manufacturing organisations in each region, average downtime hours after real attacks, average number of employees per organisation and average hourly pay.
According to Kaspersky Security Network from January to September 2025, the Middle East (7%) and Latin America (6.5%) led the regional rankings in terms of ransomware detections in manufacturing organisations. APAC (6.3%), Africa (5.8%), CIS (5.2%) and Europe (3.8%) followed. All of these attacks were blocked by Kaspersky solutions. The estimation of potential losses (below) shows the financial impact if these attacks succeeded.
When ransomware hits, production lines halt, triggering immediate revenue losses from an idle workforce and longer-term shortfalls from reduced output. The average attack lasts 13 days (based on the Kaspersky Incident Response Report) (https://apo-opa.co/4pA9PUK). As a result, idle labour costs from ransomware in the first three quarters of 2025 could have reached:
- $11.5 billion in APAC
- $4.4 billion in Europe
- $711 million in LATAM
- $685 million in the Middle East
- $507 million in CIS
- $446 million in Africa
Actual business losses could have been significantly higher when factoring in supply-chain disruptions, reputational damage, and recovery expenses.
“Our research provides an estimation of the financial impact that ransomware may have had on manufacturing worldwide. The growing complexity of manufacturing environments, along with widening expertise gaps and ongoing labour challenges, makes it difficult for most organisations to manage cybersecurity effectively, but failure to do so may result in financial losses – followed by reputational blows as well. Partnering with proven cybersecurity vendors is paramount for effective IT, OT and IIoT protection,” comments Jared Weiner, Research Director, Industrial Automation & Sensors at VDC Research.
“No region is exempt from ransomware – whether it’s the Middle East, LATAM, APAC, CIS, Africa or Europe, every manufacturing hub is constantly being targeted. Mid-tier manufacturers that could have been overlooked by threat actors in the past are also among the targets because their security budgets are smaller and their supply chain disruption effects can be larger than most realise. The manufacturing sector and all other organisations need reliable, proven defence systems and continuous user education,” comments Dmitry Galov, Head of Research Center for Russia and CIS at Kaspersky's GReAT.
More information about ransomware in different regions is available in Kaspersky’s 2025 State of Ransomware Report (https://apo-opa.co/43LYE2H).
Kaspersky encourages organisations to follow these best practices to safeguard from ransomware:
- Enable ransomware protection for all endpoints. There is a free Kaspersky Anti-Ransomware Tool for Business (https://apo-opa.co/48fN4xZ) that shields computers and servers from ransomware and other types of malware, prevents exploits and is compatible with already installed security solutions.
- For comprehensive protection of industrial and critical sectors, Kaspersky offers a distinctive ecosystem that seamlessly integrates dedicated OT-grade technologies, expert knowledge and invaluable expertise. At the core of this ecosystem is Kaspersky Industrial CyberSecurity (KICS) (https://apo-opa.co/3K8S27W), a native Extended Detection and Response (XDR) platform designed for critical infrastructure protection. It provides robust network traffic analysis, along with endpoint protection, detection and response capabilities. This comprehensive solution integrates traditional IT security measures with purpose-built industrial security technologies, ensuring that your company is well-equipped to face any threat.
- Companies from non-industrial sectors can protect themselves by installing anti-APT and EDR solutions that enable capabilities for advanced threat discovery and detection, investigation and timely remediation of incidents. Organisations can also provide their SOC teams with access to the latest threat intelligence (https://apo-opa.co/4oZWhSr) and regularly upskill them with professional training. All of the above is available within Kaspersky Next Expert (https://apo-opa.co/4rpBklE).
Distributed by APO Group on behalf of Kaspersky.
Copyright: Fresh Angle International (www.freshangleng.com)
ISSN 2354 - 4104
Sponsored Ad
Our strategic editorial policy of promoting journalism, anchored on the tripod of originality, speed and efficiency, would be further enhanced with your financial support.
Your kind contribution, to our desire to become a big global brand, should be credited to our account:
Fresh Angle Nig. Ltd
ACCOUNT NUMBER: 0130931842.
BANK GTB.
×
![]()