Ransomware attacks against industrial operators increased by 46% from the last quarter of 2024 to the first quarter of 2025, according to Honeywell’s latest Cybersecurity Threat Report. The report also identified a significant rise in both malware and ransomware incidents during this period, including a sharp increase in the use of a trojan targeting credential theft among industrial operators.
Paul Smith, director of Honeywell Operational Technology (OT) Cybersecurity Engineering and author of the report, said: “Industrial operations across critical sectors like energy and manufacturing must avoid unplanned downtime as much as possible – which is precisely why they are such attractive ransomware targets. These attackers are evolving fast, leveraging ransomware-as-a-service kits to compromise the industrial operations that keep our economy moving.”
The United States’ Cybersecurity and Infrastructure Security Agency (CISA) defines substantial cybersecurity incidents as those resulting in unauthorized access that causes major operational downtime or impairment. Industry data indicates that unplanned downtime from cyberattacks or equipment failures costs Fortune 500 companies about $1.5 trillion annually, accounting for roughly 11% of their revenue.
Honeywell researchers based their findings on an analysis of more than 250 billion logs, 79 million files, and 4,600 incident events blocked across its global installed base. The report broadened its focus to include threats delivered via Human Interface Devices (HID), such as mice, charging cords for mobile devices, laptops, and other peripherals commonly used during software updates or patching on-premise systems.
Smith added: “With increasingly significant threats and updated SEC reporting regulations requiring the disclosure of material cybersecurity incidents, industrial operators must act decisively to mitigate costly unplanned downtime and risks, including those linked to safety. Leveraging Zero Trust architecture and AI for security analysis can speed detection and enable smarter decision making and proactive defense in an increasingly complex digital landscape.”
Honeywell operates globally across several industries with business segments focused on automation, aviation’s future, energy transition, building automation, aerospace technologies, industrial automation, and sustainability solutions. More information about Honeywell is available at www.honeywell.com/newsroom.
