Cyber threats rising in manufacturing sector, study warns

A recent analysis by IDS-INDATA has revealed a significant rise in cyber attacks targeting the manufacturing sector, highlighting vulnerabilities in outdated operational technology and interconnected supply chains.

The study indicates a 50% increase in supply chain attacks, underscoring this as the fastest-growing cyber threat to the manufacturing industry. In 2023, such attacks affected 20% of manufacturing businesses, with this figure projected to rise to 30% in 2024.

"Cybercriminals are ramping up their attacks on the manufacturing sector, exploiting outdated operational technology (OT) systems and interconnected supply chains with devastating effects," the report noted.

The analysis also points to a 23.5% rise in ransomware incidents, affecting 42% of manufacturing businesses in 2024 compared to 34% in the previous year. These attacks have become increasingly sophisticated due to the use of AI, enabling malware to adapt in real-time and evade detection.

AI-powered malware attacks have increased by 11.1%, impacting 50% of businesses this year. These cyber threats are capable of learning from network environments and exploiting vulnerabilities in OT-IT networks, putting critical data and system integrity at risk.

Social engineering attacks have also seen an 8.6% spike, with 38% of manufacturing businesses affected in 2024. The incorporation of AI-generated deepfakes and automated scams makes these attacks more potent, as they manipulate human error—a notable weak point in cybersecurity.

Spear phishing remains a prevalent issue, with an increase of 4.8%, affecting 88% of firms. These cyber attacks utilise AI to customise email communications for targeted phishing, leveraging information collected from public sources.

The interconnected nature of supply chains creates cascading vulnerabilities, exposing manufacturers to severe disruptions. AI-driven tools are enabling cybercriminals to identify weak points, expanding the prevalence of these attacks.

Ryan Cooke, Chief Information Security Officer at IDS-INDATA, commented on the analysis, "The findings show an opportunity for manufacturers. Older systems that run on outdated software are increasingly vulnerable to attacks, whilst the lack of proper network segmentation dramatically increases the impact of malware and lateral movement." He added that addressing these risks is critical given the interconnected nature of supply chains.

IDS-INDATA recommends regular system evaluations to stay ahead of evolving cyber threats. "IDS-INDATA's testing and risk management services are designed to assess vulnerabilities in OT-IT networks and fortify defences against the growing tide of cyber threats, from ransomware to AI-powered malware," Cooke stated.

He further emphasised the importance of effective resilience planning, stating that "by ensuring that OT-IT systems are securely designed, regularly patched, and aligned with best practices, manufacturers can create a strong defence against even the most sophisticated threats."

The analysis underscores the need for manufacturers to modernise vulnerable systems, strengthen third-party risk management, implement advanced threat detection, and conduct regular cybersecurity training to mitigate AI-enhanced phishing and social engineering threats. The report warns against inaction, citing the amplified threat landscape due to AI and urging manufacturers to adopt robust cyber measures.