Global cybersecurity company Kaspersky said on the 1st that losses from ransomware attacks targeting manufacturing organizations worldwide in the first to third quarters of 2025 could have reached more than $18 billion (about 26.404 trillion won).
Kaspersky derived this estimate with VDC Research based on manufacturing organization size, Ransomware Detection rate, average downtime, number of employees, and average wages, and said the loss would likely be far greater when factoring in indirect damage such as supply chain disruptions, revenue declines, and reputational harm caused by actual business interruptions.
According to the Kaspersky Security Network, as of January–September this year, the ransomware Ransomware Detection rate in the institutional sector of manufacturing was highest in the Middle East (7%) and LATAM (6.5%), followed by ▲APAC (6.3%) ▲Africa (5.8%) ▲CIS (5.2%) ▲Europe (3.8%). All detected attempts were blocked by Kaspersky solutions, and the losses presented in this analysis refer to the potential damage that could occur from production shutdowns if the attacks had succeeded.
According to Kaspersky's incident response report, the average downtime for ransomware attacks targeting manufacturing is 13 days. Based on this, the potential regional labor cost losses in manufacturing for the first to third quarters of 2025 were tallied at ▲APAC $11.5 billion ▲Europe $4.4 billion ▲LATAM $711 million ▲Middle East $685 million ▲CIS $507 million ▲Africa $446 million. When a manufacturing organization is attacked, assembly lines and production facilities stop immediately, and the long-term expense incurred during recovery is also substantial.
Kaspersky recommended that corporations, including those in manufacturing, strengthen ▲endpoint ransomware prevention functions ▲adopt a specialized integrated industrial security framework for OT environments (KICS) ▲build threat detection and response based on Anti-APT and EDR ▲use tools to quantify the effectiveness of security investments. It also noted the importance of threat intelligence and professional training to strengthen the capabilities of corporate security teams.
Lee Hyo-eun, head of Kaspersky Korea, said, "Ransomware threats are casting a serious shadow over the entire manufacturing sector in Korea," and added, "As global attacks spread without targeting specific regions, midsize domestic manufacturing corporations with relatively limited security budgets are facing great risks amid increasingly complex production environments." Lee continued, "When an attack occurs, not only do assembly lines stop, but it also causes significant disruptions across the entire supply chain connected to global partners, and the trust built over a long period can be shaken," adding, "It is more important than ever to adopt integrated security solutions tailored to industrial characteristics and to strengthen training for security personnel."