Agentic Ransomware Targeting Autonomous Al Systems in OT/ICS Environments: Implications for Process Safety, System Reliability, and Operational Resilience
Akinde Michael Ogunmolu
*
Texas A&M University, 700 University Blvd, Kingsville, TX 78363, United States of America.
Asmau Abubakar Abdulmalik
School of Veterinary Medicine, Louisiana State University, Skip Bertman Drive, Baton Rouge, Louisiana, 70803, United States of America.
Abiola Omolola Bamsa
University of the Cumberlands, 104 Maple Drive, Williamsburg, KY 40769, United States of America.
Damilola Abidemi Akinwunmi
Glasgow Caledonian University, Cowcaddens Road, Glasgow, G4 0BA, Scotland, United Kingdom.
Emonena Patrick Obrik-Uloho
Prairie View A&M University, 100 University Dr, Prairie View, TX77446, United States of America.
*Author to whom correspondence should be addressed.
Abstract
This study examines the emerging threat of agentic ransomware, a novel class of cyberattack that targets autonomous artificial intelligence (AI) systems embedded within operational technology (OT) and industrial control system (ICS) environments. As industrial infrastructures increasingly integrate AI-driven automation, existing cybersecurity models remain insufficient to address threats capable of manipulating both digital processes and physical operations. To address this gap, this study adopts a quantitative analytical approach using three open-access datasets: Cybersecurity and Infrastructure Security Agency (CISA) ICS vulnerability advisories, the MITRE ATT&CK for ICS framework, and the U.S. Department of Energy OE-417 disturbance reports. The analysis integrates vulnerability exposure assessment, attack technique network modeling, and system reliability evaluation using frequency analysis, co-occurrence centrality metrics, and reliability indices. Findings reveal that industrial control devices account for 43.8% of identified vulnerabilities, while AI-driven analytics systems exhibit the highest severity (CVSS = 8.32) and significant remote exploitability (0.73). Furthermore, cyber-related disturbances demonstrate substantially lower reliability (0.28) compared to operational failures (0.83), indicating increased system instability under cyberattack conditions. Building on these findings, the study proposes and operationalizes an Agentic Ransomware Resilience Framework, introducing a composite resilience index that integrates vulnerability exposure, attack pathway centrality, and system recovery performance. The results highlight the critical role of AI-enabled components as emerging attack surfaces and emphasize the need for resilience-oriented cybersecurity strategies. The study concludes by recommending adaptive security architectures, network segmentation, AI-aware anomaly detection systems, and enhanced recovery mechanisms to safeguard intelligent industrial infrastructures against next-generation ransomware threats.
Keywords: Agentic ransomware, operational technology security, industrial control system vulnerabilities, AI-enabled cyber-physical systems, industrial infrastructure resilience