Kaspersky: Cyberattacks on Manufacturing Sector Increased in Early 2026 as Industrial Systems Face Growing Threats
Cyberattacks targeting the manufacturing sector increased during the first quarter of 2026, according to a new report released by Kaspersky ICS CERT, highlighting the growing cybersecurity risks facing industrial environments worldwide.
The report revealed that malicious activity was detected and blocked on 19.6 percent of industrial control systems (ICS) globally during the first three months of the year. Kaspersky security technologies identified threats originating from more than 10,000 malware families targeting industrial automation environments across multiple sectors.
According to the findings, Africa recorded the highest regional percentage of attacked industrial control systems, with malicious objects blocked on 27.4 percent of ICS computers, significantly above the global average. Northern Europe reported the lowest level of activity at 9.1 percent.
The report noted that five regions experienced a quarter-on-quarter increase in cyberattacks targeting industrial systems, including Africa, Southern Europe, Northern Europe, Russia, and Canada.
Manufacturing Under Pressure
Among manufacturing organizations specifically, Southeast Asia recorded the highest percentage of attacked industrial control systems at 23.21 percent, followed by Africa at 21.36 percent and South Asia at 20.13 percent.
Kaspersky warned that cybercriminals continue to increase their focus on manufacturing companies due to the significant operational and financial disruption that successful attacks can cause.
Previous research conducted by Kaspersky and VDC Research estimated that ransomware attacks targeting manufacturing organizations generated more than $18 billion in losses globally during the first three quarters of 2025 alone. The actual impact may have been considerably higher when accounting for supply chain disruptions, recovery costs, reputational damage, and operational downtime.
Biometric Systems Remain the Most Exposed
The report also showed that biometric systems ranked first among industrial environments in terms of exposure to cyber threats, with malicious objects blocked on 26.4 percent of monitored systems.
Researchers attributed the elevated risk to the fact that many biometric systems maintain direct internet connectivity, are frequently used for email access, and often operate with limited cybersecurity controls.
Southern Europe recorded the highest attack rate against biometric systems at 35.15 percent, followed by Africa at 29.58 percent and Central Asia at 28.53 percent.
Legacy Systems Increase Risks
Evgeny Goncharov, Head of Kaspersky ICS CERT, said many manufacturing organizations continue to rely on legacy operational technology systems that were not originally designed to withstand modern cyber threats.
“Legacy operational technology systems remain deeply embedded in manufacturing environments, making them attractive targets. As supply chains become more interconnected, the attack surface extends far beyond traditional network boundaries,” Goncharov said.
He warned that attackers increasingly recognize that compromising industrial environments can result in costly factory shutdowns and major financial losses.
Strengthening Industrial Cybersecurity
To mitigate risks, Kaspersky urged organizations to conduct regular cybersecurity assessments of operational technology environments, continuously monitor vulnerabilities, and implement security updates and patches as quickly as operationally feasible.
The company also recommended deploying advanced Endpoint Detection and Response (EDR) technologies, strengthening incident response capabilities, and investing in specialized cybersecurity training programs for both IT security teams and operational technology personnel.
Kaspersky further emphasized the importance of proactive threat intelligence and continuous monitoring of the evolving cyber threat landscape to help organizations identify emerging risks before they can impact critical industrial infrastructure.
The findings underscore the growing importance of cybersecurity as manufacturing organizations accelerate digital transformation initiatives and integrate increasingly connected operational technologies into production environments.