Report Confirms Surge in Updated Ransomware Attacks

Use of a specific trojan malware strain to steal industrial credentials has grown by 3,000 percent.

Jun 5, 2025
Computer Crime Concept 516607038 2125x1416 (1)

In a growing wave of sophisticated cyber threats against the industrial sector, ransomware attacks jumped by 46 percent from Q4 2024 to Q1 2025, according to Honeywell's new 2025 Cybersecurity Threat Report. The research also found that both malware and ransomware increased significantly in this period and included a 3,000 percent spike in the use of one trojan designed to steal credentials from industrial operators.  

Paul Smith, director of Honeywell Operational Technology (OT) Cybersecurity Engineering, who authored the report, states, “These attackers are evolving fast, leveraging ransomware-as-a-service kits to compromise the industrial operations that keep our economy moving.”   

The Cybersecurity and Infrastructure Security Agency (CISA) in the United States defines incidents as substantial if they enable unauthorized access leading to significant operational downtime or impairments. Industry reports show that unplanned downtime, caused by cybersecurity attacks and other issues like equipment failure, cost Fortune 500 companies approximately $1.5 trillion annually,  representing 11 percent of their revenue. 

To develop the report, Honeywell researchers analyzed more than 250 billion logs, 79 million files and 4,600 incident events that were blocked across the company’s global install base, finding:

  • Ransomware is still on the rise: 2,472 potential ransomware attacks were documented in the first quarter of 2025, which represent 40 percent of the annual total from 2024.
  • Trojans are exploiting industrial access: A dangerous trojan targeting OT systems – W32.Worm.Ramnit – accounted for 37 percent of files blocked by Honeywell’s Secure Media Exchange (SMX). This finding points to a 3,000 percent spike in the trojan compared to the previous quarter.
  • USB-based threats persist: 1,826 unique USB threats were detected via SMX in Q1 2025, with 124 never-before-seen threats – indicating a persistent risk via external media and USB devices. This built on a 33 percent increase in USB malware detections in 2023, following a 700 percent year-over-year surge in 2022. 

The report expanded its analysis to include threats delivered through additional plug-in hardware – known as Human Interface Device (HID) – including mice, charging cords for mobile devices, laptops and other peripherals often used when updating or patching software for on-premise systems. 

“With increasingly significant threats and updated SEC reporting regulations requiring the disclosure of material cybersecurity incidents, industrial operators must act decisively to mitigate costly unplanned downtime and risks, including those linked to safety,” Smith said. “Leveraging Zero Trust architecture and AI for security analysis can speed detection and enable smarter decision making and proactive defense in an increasingly complex digital landscape.” 

 

To learn more and download the full report, visit this website. 

Latest in Cybersecurity
Today in Manufacturing Podcast
Sponsored
Today in Manufacturing Podcast
May 1, 2025
Industrial Cyber
Understanding Cyber Acceptance Testing
June 5, 2025
Microsoft Hjbc
Death, Taxes and Microsoft Vulnerabilities: The Unavoidable Truths in Life
June 5, 2025
Computer Crime Concept 516607038 2125x1416 (1)
Report Confirms Surge in Updated Ransomware Attacks
June 5, 2025
Related Stories
Ransomware
Cybersecurity
CISA Updates Guidance on Play Ransomware
Industrial Cyber
Cybersecurity
Understanding Cyber Acceptance Testing
Microsoft Hjbc
Cybersecurity
Death, Taxes and Microsoft Vulnerabilities: The Unavoidable Truths in Life
Today in Manufacturing Podcast
Sponsor Content
Today in Manufacturing Podcast
More in Cybersecurity
Security Breach Podcast
Sponsored
Security Breach Podcast
A new video series from Manufacturing.net - Security Breach, looks to offer the insight and tools needed to ready your company's defenses. Stay up-to-date on today's vital cybersecurity topics by subscribing here.
May 1, 2025
Industrial Cyber
Cybersecurity
Understanding Cyber Acceptance Testing
The proactive strategy proving key for industrial control systems leaders.
June 5, 2025
Microsoft Hjbc
Cybersecurity
Death, Taxes and Microsoft Vulnerabilities: The Unavoidable Truths in Life
Microsoft vulnerabilities have hit an all-time high, but there's good and bad news in those numbers.
June 5, 2025
Financial Cyber
Cybersecurity
A Pragmatic Look at Legacy IT in Manufacturing
Increased risk and more data-driven decisions means security investment has to be a greater priority.
June 5, 2025
Phishing Tadamichi
Cybersecurity
Research Finds Training Produces Huge Reductions in Phishing Attack Success
Click rates dropped by as much as 86 percent.
May 29, 2025
Computer Crime Concept 516607038 2125x1416 (1)
Cybersecurity
Survey Finds Zero-Day Threats and Compliance Failures Driving Vendor Selection
Evolving vulnerability exploitations and high-profile data breaches are fueling decisions.
May 29, 2025
Financial Cyber
Cybersecurity
The $100 Infostealer Threat That is Devastating Companies
Insights from the dark web reveal the low cost-high reward dynamics of new data breach attacks.
May 29, 2025
Soc
Cybersecurity
Research Shows Cybersecurity Driving Manufacturing Growth
More are reframing cybersecurity as a core driver of innovation, resilience and productivity.
May 28, 2025
Sbd Vadim Shechkov
Cybersecurity
Embedding Stronger Product and Supply Chain Security
Secure by Design is no longer a technical aspiration - it’s a strategic necessity.
May 28, 2025
Ep139tn
Cybersecurity
Security Breach: 'We've Made Our Own Prison'
Insider threats are creating new attack vectors, but old-school solutions could rise to the challenge.
May 28, 2025
General Cyberattack
Cybersecurity
Scenario-Based OT Solution Preps Industrial Teams
It's designed to upskill red and blue teams with OT-specific, real-world detection and response capabilities.
May 22, 2025
Phishing Tadamichi
Cybersecurity
The Top 4 Developments in Phishing Schemes
The bad guys continue to evolve.
May 22, 2025
Encryption
Cybersecurity
Should Manufacturers Focus on Cybersecurity or Cyber Resilience?
One could be essential for the future of manufacturing.
May 22, 2025
Cybersecurity In A Bubble
Cybersecurity
Why Industrial Edge Cybersecurity Demands a Fresh Approach
Vulnerabilities persist because cybersecurity is an afterthought, rather than embedded from the ground up.
May 22, 2025
Coding
Cybersecurity
Shoring Up Digital Trust in Manufacturing: From DMARC Awareness to Full Protection
While most have this email guidance in place, the actual protection rate is significantly lower.
May 22, 2025