Ransomware incidents on OT equipment surge

Uptime Intelligence has highlighted the growing number of high-profile ransomware incidents involving data center owners, operators and third-party vendors in recent reports (see Seven fallacies of data center cybersecurity and Cybersecurity and the cost of human error). Despite the rise in reported incidents, many operators and industrial facilities continue to use outdated security systems and practices, leaving them vulnerable to internal and external threats.

In the first quarter of 2025, Honeywell (the US supplier of control systems) discovered 2,472 new ransomware incidents on industrial control (ICS/OT) systems — a steep 46% increase from the previous quarter. Ransomware accounted for 39% of all threats (see The 2025 Honeywell Cyber Threat Report, June 2025; Table 1 and Table 2). While ransomware incidents are increasing across IT generally, these incidents are mostly not associated with OT/control systems.