New analysis of the cyber threat landscape in the manufacturing industry identifiers-INDATA It reveals a staggering 50% increase in supply chain attacks, making it the fastest growing cyber threat in the industry.
The analysis also highlights alarming rises in ransomware (23.5%), malware (11.1%), and social engineering attacks (8.6%), underscoring vulnerabilities in legacy IT and OT networks.
| Type of manufacturing threat | 2023 (% of manufacturing companies affected by these specific threats) | 2024 (% of manufacturing companies affected by these specific threats) | changes (%) |
| Spearfishing | 84 | 88 | 4.8 |
| Ransomware | 34 | 42 | 23.5 |
| Malware | 45 | 50 | 11.1 |
| Social engineering | 35 | 38 | 8.6 |
| Supply chain attacks | 20 | 30 | 50 |
As manufacturers increasingly rely on OT systems integrated with IT networks, unmanaged or legacy systems act as weak links, creating entry points for sophisticated AI-driven cyberattacks. Hackers are exploiting these vulnerabilities with alarming speed, leveraging artificial intelligence to automate and adapt their tactics.
This increase in AI-enhanced malware, deep social engineering, and ransomware underscores the urgent need to modernize these vulnerable systems.
Key findings
1. Supply chain attacks (50.0% increase):
The significant increase in this type of attack highlights the trend towards targeting third-party vendors and suppliers to compromise manufacturing systems. In 2023, these threats affected 20% of manufacturing companies, rising to 30% this year.
The interconnected nature of supply chains creates cascading vulnerabilities, leaving manufacturers vulnerable to devastating disruptions. AI-based tools are now enabling cybercriminals to automate the process of identifying vulnerabilities, accelerating the scale of these attacks.
2. Ransomware (23.5% increase):
Ransomware attacks are becoming more sophisticated, as cybercriminals use artificial intelligence to create malware that can adapt in real-time to avoid detection. According to analysis by IDS-INDATA, ransomware threats affected 34% of businesses in 2023, which rose to 42% this year.
Older OT systems, often running outdated software, are prime targets for these attacks. As a result, manufacturers face increased downtime, financial losses, and the risk of permanent damage to critical infrastructure.
3. Malware (11.1% increase):
AI-powered malware is more sophisticated than ever, as proven by its impact on half of manufacturing companies this year. These attacks can learn from network environments and adapt to exploit vulnerabilities within OT-IT networks, stealing sensitive data, disrupting productivity, and compromising system integrity.
4. Social Engineering (8.6% increase):
Social engineering tactics, including phishing and impersonation, affected more than a third of businesses in 2024 (38%). Due to deepfakes and automated AI-driven scams, these tactics are becoming increasingly influential.
Cybercriminals can create highly personalized attacks that exploit human error, one of the weakest links in cybersecurity manufacturing. This highlights the importance of ongoing training and awareness for manufacturers.
5. Phishing (4.8% increase):
Artificial intelligence has enhanced phishing campaigns, enabling cybercriminals to personalize individuals’ emails using personal information obtained from public sources. The 4.8% increase in targeted phishing incidents highlights the continued spread of these campaigns against the manufacturing sector. Phishing remains the leading threat affecting 88% of businesses.
This trend likely stems from manufacturers’ reliance on email communication for logistics and operational coordination.
Proactive cyber defense
“The results show an opportunity for manufacturers,” said Ryan Cook, chief information security officer at IDS-INDATA. “Legacy systems running on outdated software are increasingly vulnerable to attacks, while a lack of proper network segmentation dramatically increases the impact of malware and lateral movement.
Addressing these risks can help the industry overcome today’s sophisticated, AI-enhanced cyber threats, which is especially critical given the interconnected nature of supply chains.
“We advocate regular system scans to stay ahead of evolving threats,” Cook continued. “IDS-INDATA’s testing and risk management services are designed to assess vulnerabilities in OT-IT networks and strengthen defenses against the rising tide of cyber threats, from ransomware to AI-powered malware.”
Long-term flexibility
Manufacturers must also focus on resiliency planning to ensure long-term cybersecurity. IDS-INDATA excels at developing short- and long-term strategies, which include secure configurations, timely patching, and adherence to cybersecurity best practices. These strategies ensure that manufacturers are prepared to recover from current threats and prepared to meet future challenges.
“Effective resiliency planning is essential in today’s cybersecurity landscape,” Cook says. “By ensuring OT-IT systems are securely designed, regularly patched, and aligned with best practices, manufacturers can create a robust defense against the most complex threats.”
Manufacturers are urged to take immediate steps to:
- Evaluate and update legacy systems to reduce vulnerabilities.
- Enhancing third-party risk management, especially AI-enhanced cyber risks.
- Implement advanced threat detection and response strategies powered by artificial intelligence.
- Conduct regular cybersecurity training to learn about AI-driven phishing and social engineering techniques.
The cost of inaction is high. As AI amplifies cyber threats, manufacturers must address vulnerabilities with the same level of sophistication to ensure resilience and security in the face of rapidly evolving threats.
