Manufacturing has been the most targeted industry globally for cyberattacks for four consecutive years, according to the IBM X-Force Threat Intelligence Index. The industry accounts for more than 70 percent of ransomware attacks, and manufacturers consider cybersecurity their third most significant risk.
Production interruptions cost manufacturers significant money — an automotive manufacturer can lose an estimated $22,000 per minute a production line is down. Because of this pressure, manufacturers are more likely to pay ransoms quickly to restore operations.
The consequences of a successful cyberattack can be severe, potentially causing physical damage to equipment, safety hazards and significant financial and reputational harm. The manufacturing sector is also considered critical infrastructure because it is deeply linked to energy, transportation and IT and crucial for the U.S. economy.
The industry’s digital transformation plays a major role in its vulnerability. The adoption of Industry 4.0 technologies has connected information technology (IT) and operational technology (OT) systems, greatly expanding potential entry points for attackers. Many OT systems were not designed with modern security in mind.
OT Systems Create Significant Risks
Traditionally, OT systems were “disconnected” from the IT infrastructure and difficult to access unless the attacker was physically present. As a result, OT systems were designed for “security by obscurity,” with weak authentication and authorization controls.
Today, OT systems are connected to the IT network to enable data sharing, processing and analysis. Attackers who gain access to an OT device, whether through a physical connection or compromised credentials, could work their way through the network and access sensitive systems and data. The Industrial Internet of Things (IIoT) exposes these devices to the public Internet.
A 2025 report from OMICRON detailed a surge in industrial ransomware and specific vulnerabilities in OT environments. The report notes that network-based vulnerabilities account for more than 75 percent of attack vectors in these sectors.
Data Theft Drives Many Cyberattacks
Supply chain vulnerabilities create additional weaknesses. Attackers often target vendors and partners in the global supply chain to gain access to a larger manufacturer’s systems. In 2023, U.S. steel producer Nucor suffered a data breach resulting from a vulnerability in third-party software, leading to a class-action settlement for exposed employee data. The incident aligns with trends where attackers steal data before encrypting systems, adding pressure for ransom payment.
Manufacturers have valuable intellectual property that makes them lucrative targets for both financially motivated criminals and nation-state actors. In January 2025, Unimicron Technology, a major Taiwanese manufacturer of printed circuit boards, suffered a ransomware attack in which the perpetrators exfiltrated sensitive internal documents.
Legacy systems further amplify the risk. Many plants still operate with outdated equipment and software that no longer receive security patches, leaving known vulnerabilities open to exploitation.
A Comprehensive Strategy Is Essential
Addressing these threats requires a comprehensive strategy that starts with equipment purchasing decisions. In many cases, decisions related to OT systems are made by operations staff with limited input from IT and cybersecurity teams. Manufacturers wind up with a mix of technologies that have varying levels of cybersecurity controls.
Almost all manufacturers monitor for cyber threats within the IT environment, but very few extend those capabilities into the OT environment. Furthermore, a recent Deloitte survey found that fewer than half of manufacturers had performed a cyber risk assessment within the preceding six months.
Such an assessment is critical for establishing a baseline of security maturity. It also helps manufacturers identify their most critical vulnerabilities and risks so they can prioritize their cybersecurity efforts. Additionally, the assessment can help them develop a governance program that encompasses the OT environment.
Cerium’s security team has extensive experience in the manufacturing sector and can help organizations perform this analysis. We can then help manufacturers develop and implement a security strategy that provides robust protection against today’s advanced threats.
