Kaspersky reports rise in cyberattacks targeting manufacturing sector
Healthcare data has become one of cybercrime’ s most valuable commodities
CISO news
Kaspersky reports rise in cyberattacks targeting manufacturing sector
aspersky has reported an increase in cyberattacks targeting industrial organisations during the first quarter of 2026,
K with manufacturing environments experiencing growing levels of malicious activity across multiple regions.
According to a new report from Kaspersky ICS CERT, malicious objects were blocked on 19.6 % of industrial control systems( ICS) globally during the quarter. Kaspersky security solutions detected malware from 10,052 different malware families targeting industrial automation systems.
Regionally, the share of attacked ICS computers ranged from 27.4 % in Africa to 9.1 % in Northern Europe. Compared with the previous quarter, Kaspersky recorded increases in attacks against manufacturing organisations in several regions, including Europe and Asia.
The report found that Southeast Asia experienced the highest proportion of attacks on manufacturing ICS computers at 23.21 %, followed by Africa at 21.36 % and South Asia at 20.13 %.
Kaspersky also highlighted the financial impact of cyberattacks on manufacturers. Research conducted by Kaspersky and VDC Research estimated that ransomware attacks against manufacturing organisations generated more than US $ 18 billion in losses globally during the first three quarters of 2025, excluding wider costs such as supply chain disruption, reputational damage and recovery expenses.
“ Legacy operational technology systems remain deeply embedded in manufacturing environments, which makes them vulnerable,” said Evgeny Goncharov.
“ Supply chain complexity and branching of the trusted partner network expands the attack surface beyond the network perimeter.”
Healthcare data has become one of cybercrime’ s most valuable commodities
ew research from TrendAI reveals that stolen healthcare data is now being traded through a mature underground
N economy spanning ransomware groups, access brokers, fraud marketplaces and credential sellers.
Over a 12-month period, TrendAI researchers analysed 7,779 underground forum posts, 21,813 marketplace listings and 95 ransomware leak sites linked to healthcare-related cybercrime activity. The findings show that healthcare data remains one of the most valuable commodities in the cybercriminal underground due to its permanence, sensitivity and ability to support multiple forms of fraud simultaneously.
The research found that ransomwarerelated data sales accounted for more than a third( 36.3 %) of marketplace activity, with attackers increasingly combining encryption with data theft and extortion. Researchers also identified growing targeting of electronic health record( EHR) and electronic medical record( EMR)
Andrew Philp vendors, enabling single breaches to expose hundreds of downstream healthcare organisations.
Andrew Philp, Field CISO ANZ at TrendAI, warns that supply chain compromises involving healthcare software vendors and medical platforms are becoming a major risk multiplier for the sector, enabling attackers to scale operations far beyond individual hospitals or clinics.
“ Patient data is a lucrative target for cybercriminals. Health data is permanent, deeply sensitive and highly reusable, with a single breach creating long-term consequences for individuals, healthcare providers and the wider health ecosystem,” he said.
“ This research reinforces why healthcare providers continue to be under the microscope of regulators.”
WWW. INTELLIGENTCISO. COM 11