Kaspersky in collaboration with VDC Research have announced recently that during the first three quarters of this year, ransomware attacks on various manufacturing organizations could have generated more than $18 billion in losses. This figure is now said to reflect only the so-called “direct cost” of an idle workforce during downtime, “with overall operational and financial impacts far exceeding this amount.”
These recent estimations were made across APAC, Europe, the Middle East, CIS, LATAM, and other regions based “on the share of manufacturing organizations where ransomware attempts were detected and prevented, the total number of manufacturing organizations in each region, average downtime hours after real attacks, average number of employees per organization and average hourly pay.”
According to Kaspersky Security Network from January to September 2025, the Middle East (7%) and Latin America (6.5%) led the regional rankings in terms of ransomware detections in manufacturing organizations. APAC (6.3%) and Europe (3.8%) followed.
All of these attacks were “blocked by Kaspersky solutions.”
The estimation of potential losses shows “the financial impact if these attacks succeeded.”
When ransomware hits, production lines “halt, triggering immediate revenue losses from an idle workforce and longer-term shortfalls from reduced output.”
The average attack lasts around 13 days (based on Kaspersky Incident Response Report).
As a result, idle labor costs from ransomware in the first three quarters of 2025 could have reached:
- $11.5 billion in APAC
- $4.4 billion in Europe
- $711 million in LATAM
- $685 million in the Middle East
Actual business losses could have been significantly higher “when factoring in supply-chain disruptions, reputational damage, and recovery expenses.”
Jared Weiner, Research Director, Industrial Automation & Sensors at VDC Research said:
“Our research provides an estimation of the financial impact that ransomware may have had on manufacturing worldwide. The growing complexity of manufacturing environments, along with widening expertise gaps and ongoing labor challenges, makes it difficult for most organizations to manage cybersecurity effectively, but failure to do so may result in financial losses – followed by reputational blows as well. ”
Dmitry Galov, Head of Research Center for Russia and CIS at Kaspersky’s GReAT said:
“No region is exempt from ransomware … Mid-tier manufacturers that could have been overlooked by threat actors in the past are also among the targets because their security budgets are smaller and their supply chain disruption effects can be larger than most realize.”
They added that the manufacturing sector and all other organizations “need reliable, proven defense systems and continuous user education,”
