96% of Chief Information Security Officers (CISOs) agree that the convergence of operational technology (OT) and information technology (IT) security is essential for protecting critical infrastructure from emerging threats.

There were 333 ransomware attacks detected by Trellix specifically targeting critical infrastructure sectors from April 1 to September 30, 2025.

The energy sector experienced a 387% increase in attacks compared to the previous year.

In 2025, 2,332 ransomware incidents targeted critical infrastructure, accounting for 50% of all incidents, compared to 1,745 incidents, which accounted for 54%, in 2024.

From January 1 to September 1, 2025, there were 4,701 recorded ransomware incidents, with 2,332 incidents (50%) targeting critical sectors such as manufacturing, healthcare, energy, transportation, and financial services.

From January 1 to September 1, 2024, there were 3,219 total recorded ransomware incidents, with 1,745 incidents (54%) targeting critical sectors.

In 2025, 50% of all ransomware attacks are projected to target critical infrastructure, highlighting the urgent need for enhanced cyber resilience strategies.

In 2025, the United States accounted for roughly 1,000 ransomware incidents targeting critical infrastructure, representing 21% of all global ransomware attacks.

41% of business and tech leaders prioritise changes in critical infrastructure location in response to the current geopolitical landscape.

Critical infrastructure remains a prime target for hactivist groups. Specifically: 44 attacks targeted government entities, including military services, 21% of attacks focused on the transportation and logistics sector, and 21% of attacks focused on the transportation and logistics sector..

72% of IT leaders believe that the cyber capabilities of nation-state actors have the potential to trigger a full-scale cyberwar, with devastating consequences for global critical infrastructure.