Connect with us

Hi, what are you looking for?



Ransomware Attacks on Industrial Orgs Increasingly Impact OT Systems: Survey

Ransomware attacks aimed at industrial organizations are increasingly impacting OT systems, according to a Claroty report.

Ransomware attacks aimed at industrial organizations are increasingly impacting operational technology (OT) systems, according to a survey commissioned by OT and IoT security firm Claroty.

Claroty on Wednesday published its 2023 ‘Global state of industrial cybersecurity’ report, which is based on responses from a survey of 1,100 IT and OT security professionals representing organizations in the Americas, EMEA and APAC regions. 

Three-quarters of respondents confirmed suffering a ransomware attack in the past year. In 21% of cases, the attack impacted only IT systems. In 17% of cases, the incident affected OT systems, and 37% of attacks hit both IT and OT systems. 

This 37% is significant, including for the fact that it’s a 10% increase compared to 2021, when Claroty commissioned a similar survey. 

Globally, 12% of respondents described the impact of the attack as extreme, which means it resulted in signficant or full operations shutdown for more than one week, and 10% said impact was severe, meaning it impacted more than one site or function for over a week. 

Of the IT/OT professionals who took part in the survey, two-thirds admitted making a ransom payment in response to the attack, including 6% who admitted paying more than $5 million, and 12% paying $1-5 million. 

In 23% of cases, the financial cost incurred as a result of the ransomware attack exceeded $1 million and more than 50% reported costs between $100,000 and $999,000.

A majority of organizations are aware of the potential threat posed by ransomware and have a cyber insurance policy. 

Advertisement. Scroll to continue reading.

Respondents have also been asked about their use of generative AI for cybersecurity and their concerns regarding its use.

More than 60% of organizations use security tools that leverage generative AI and 27% are interested in doing so. However, in 44% of cases, the use of AI capabilities actually raises the respondent’s security concerns.

Related: Ransomware Often Hits Industrial Systems, With Significant Impact: Survey

Related: Ransomware Attacks on Industrial Organizations Doubled in Past Year: Report

Related: Ransomware Will Likely Target OT Systems in EU Transport Sector: ENISA

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.


Wago has patched critical vulnerabilities that can allow hackers to take complete control of its programmable logic controllers (PLCs).


Energy giants Schneider Electric and Siemens Energy confirm being targeted by the Cl0p ransomware group in the campaign exploiting a MOVEit zero-day.


Mandiant's Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in...


Municipal Water Authority of Aliquippa in Pennsylvania confirms that hackers took control of a booster station, but says no risk to drinking water or...