Manufacturers A Top Cybercrime Target: 6 Effective Ways To Reduce Risk
The manufacturing industry touches the lives of most people both here and around the world in one way or another. Its importance makes it both vital to the global ecosystem and, at the same time, a top target of cybercriminals.
The rapid digitalization of the industry, increased production facilities, and growing consumer demand have all helped drive the industry’s growth over the past decade. They’ve also helped fuel a growing number of cyberattacks.
For the past three years running, manufacturing topped the list of most-targeted sectors for cyberattacks, according to a 2024 IBM X-Force Threat Report.
Last year, the manufacturing industry accounted for more than 25 percent of cybersecurity incidents, according to the findings. Of these, most were ransomware attacks stemming from a malware attack.
These cyber incidents have caused substantial harm to manufacturing companies and their suppliers, including operational downtime, production disruptions, shipping delays, reputational damage, legal ramifications, and revenue losses.
In this article, we’ll outline the growing cyber risks to manufacturers. We’ll also detail ways that you, as a small or mid-sized manufacturer, can boost your security defenses against an onslaught of cyber threats.
With this information, you’ll learn actionable security measures you can put in place to safeguard your sensitive information, systems, and suppliers so you can focus on growing your business.
The Ripple Effect: How Cyberattacks Continue To Exploit Manufacturers
According to cybersecurity company Sophos, 65 percent of manufacturing and production businesses reported being hit with a ransomware attack in 2023, representing a 41 percent jump since 2020. Of those who were struck, 3 in 5 said they paid a ransom.
The financial toll of such attacks has cost the industry an estimated $17 billion in lost revenue and downtime.
In one of the most damaging attacks in recent years, threat actors were able to gain unauthorized access and encrypt systems at process control equipment maker MKS Instruments, allowing them to launch a massive ransomware attack.
That attack resulted in $200 million in losses for the company, with aftershocks being felt by associated vendors within its supply chain, according to cybersecurity company BlackFog. For instance, semiconductor manufacturing giant Applied Materials reported a whopping $250 million in losses directly tied to the MKS attack.
In another attack, recreational boat-maker Brunswick Corporation reported the theft of sensitive personal and medical information of some 1,400 customers and employees in 2023.
The data breach cost the company an estimated $85 million.
In another high-profile attack, Clorox was rocked by a cyberattack in August 2023 that caused massive disruptions that ravaged its operations, production, and distribution, leading to widespread product shortages and delays.
That attack cost the company an estimated $49 million in direct costs and about $356 million in total losses.
While these attacks garnered headlines, keep in mind that not all attacks are reported publicly. In the first half of 2024, there were 396 undisclosed ransomware attacks against manufacturing companies, according to BlackFog.
In the face of such rising risks, as a small or medium-sized manufacturer you may be wondering how you can protect your business.
1. Unpatched Software
Shockingly, one of the main ways that hackers are able to gain unauthorized access is by exploiting software that hasn’t been patched to fix known vulnerabilities.
Even more surprising, many of these security flaws were old vulnerabilities. This means that companies were previously told about these identified security flaws, but ignored the warnings, leaving their software unpatched and unprotected.
Failing to regularly update software with security patches is a good way to attract unwanted guests into your systems.
Using legacy software increases your threat risk because the software has often reached its end-of-support (EOS) life cycle from its manufacturer. This means you’ll no longer be able to get technical support, such as updates, bug fixes, and critical security patches.
For example, Microsoft is ending support for its Windows 10 operating system (OS) on October 14, 2025, and transitioning fully to Windows 11 support.
Businesses that don’t upgrade to Windows 11 or purchase new devices with the new OS installed could become prime targets for hackers.
This can leave you without access to regular updates and critical security patches for your outdated software when new vulnerabilities are discovered.
2. Outdated equipment
As with unpatched software, legacy operational technology (OT) used by many manufacturers is another security weakness cybercriminals often exploit to worm their way into your systems.
Because these devices have reached their end-of-life (EOL), attackers know that the manufacturers are no longer providing support, leaving them ripe for attack.
3. Phishing attacks
Phishing attacks—such as smishing, spear phishing, adversary-in-the-middle (AiTM), and business email compromise—are often part of a multi-step process used by attackers to carry out devastating attacks.
With other types of preliminary attacks, such as token theft, adversaries steal authentication tokens during login, which lets them bypass even some multi-factor authentication and gain access.
These types of attacks are like a magician’s sleight of hand, tricking an individual into thinking they’re responding to an authentic message or going to a legitimate website. The deception is so convincing, even some cybersecurity experts have been fooled.
Phishing attacks are just the opening act to gain entry into your networks.
Once inside, bad actors can then snoop through your email communications, financial spreadsheets, recorded executive leadership meetings, screenshots, the personally identifiable information of customers and employees, and other sensitive information.
This information can then be encrypted with malware and held by the attackers until a ransom is paid.
4. Internet of Things (IoT) devices
Manufacturers are increasingly integrating IoT technology into their operations to gain a competitive edge.
Companies are using connected devices to automate various processes, gain real-time data analysis to improve decision-making, streamline operations, and reduce costs.
While it has its advantages, businesses are also experiencing the downside of the growing IoT adoption.
According to a report, the manufacturing industry is the most targeted for IoT-related malware attacks, representing some 54.5 percent of all such attacks. The industry is hit with some 6,000 IoT cyberattacks every week, the study found.
5. Lack of access controls
Hackers can take advantage of unsecured or weak remote access tools to gain entry into your network. Without the proper user authentication and verification measures, even a small security gap can be enough of an opening for attackers to sneak into your systems.
Likewise, a lack of network segmentation to split your network up into smaller sections and restrict access to those segments gives another backdoor avenue for bad actors to slip into your network.
6. Weak passwords and lack of MFA
Using weak passwords like “admin123” or “password,” not changing default device passwords, or failing to implement advanced multi-factor authentication (MFA) tools are security weaknesses that bad actors can easily exploit.
Cybersecurity Tools Manufacturers Can Use To Defend Against Cyber Threats
Although cybercriminals have more resources than ever at their disposal to carry out their attacks, there are things you can do to keep them at bay and decrease the chances of your business falling prey to an attack.
1. Asset Inventory
Conduct a thorough inventory to identify your physical, digital, or cloud-based assets, including your data, devices, software, applications, and other parts of your network.
In order to effectively safeguard your infrastructure, you have to gain a thorough understanding of what you have, as well as how and by whom your network is being accessed.
2. Risk Assessment
Conduct a risk assessment of your infrastructure. You can weigh your current cybersecurity efforts against specific manufacturing industry benchmarks and cybersecurity regulations for your business.
This allows you to get a security baseline, identify weaknesses, and establish a prioritized action plan to boost your defenses to meet industry standards and cybersecurity regulatory requirements.
Your audit should also include your supply chain of suppliers and partners to identify and fix any security weaknesses in this area that, if exploited, could have a potentially significant effect on your ability to operate.
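As an added example (not from the original article or from Kelser), the Python below turns an asset inventory into the prioritized action plan described above by checking each asset against weaknesses this article names: end-of-support software, stale patches, unchanged default credentials, and remote access without MFA. The inventory records, field names, scoring weights, and 30-day patch threshold are assumptions; the Windows 10 end-of-support date is the one given earlier.

```python
from datetime import date

# End-of-support date stated in the article; add the other products you run.
EOS_DATES = {"Windows 10": date(2025, 10, 14)}
MAX_PATCH_AGE_DAYS = 30  # assumed policy threshold, tune to your patch cadence

# Constructed sample inventory; in practice, export this from your asset tool.
INVENTORY = [
    {"name": "hmi-line1", "os": "Windows 10", "last_patched": date(2025, 3, 2),
     "remote_access": True, "mfa": False, "default_creds_changed": False},
    {"name": "eng-laptop-07", "os": "Windows 11", "last_patched": date(2025, 10, 20),
     "remote_access": True, "mfa": True, "default_creds_changed": True},
    {"name": "plc-gateway", "os": "Embedded Linux", "last_patched": date(2025, 6, 15),
     "remote_access": False, "mfa": False, "default_creds_changed": False},
    {"name": "erp-server", "os": "Windows Server 2022", "last_patched": date(2025, 10, 28),
     "remote_access": True, "mfa": False, "default_creds_changed": True},
]

def assess(asset, today):
    """Return (score, findings) for one asset; a higher score means fix sooner."""
    findings = []  # (assumed weight, message) pairs
    eos = EOS_DATES.get(asset["os"])
    if eos and today > eos:
        findings.append((3, f"{asset['os']} past end of support ({eos})"))
    if (today - asset["last_patched"]).days > MAX_PATCH_AGE_DAYS:
        findings.append((2, "no patches applied within policy window"))
    if not asset["default_creds_changed"]:
        findings.append((3, "default device credentials never changed"))
    if asset["remote_access"] and not asset["mfa"]:
        findings.append((3, "remote access without MFA"))
    return sum(w for w, _ in findings), [msg for _, msg in findings]

def action_plan(inventory, today):
    """Rows of (name, score, findings), worst first; clean assets are omitted."""
    rows = [(a["name"], *assess(a, today)) for a in inventory]
    return sorted((r for r in rows if r[1] > 0), key=lambda r: (-r[1], r[0]))

if __name__ == "__main__":
    for name, score, findings in action_plan(INVENTORY, date(2025, 11, 1)):
        print(f"{score:>2}  {name}: " + "; ".join(findings))
```
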
3. Targeted Remediation
Implement robust security guardrails to strengthen your company’s security and protect your data and critical technology assets, including:
- Multi-factor authentication
- Conditional access policies to establish authentication and verification rules
- Network microsegmentation
- Automated patch scheduling and regular updates
- Device management and replacement
- Network monitoring with a security information and event management (SIEM) tool
- Endpoint detection and response
- Next-generation firewalls
- Antivirus, anti-malware, and spam-filtering software
4. Incident Response
Develop an in-depth incident response plan that establishes the protocols for your organization to follow in the event of a cyberattack.
Your plan should spell out the security controls put in place to minimize damage.
Your plan should also identify the key internal and external stakeholders who you’ve designated as the main points of contact during a cyber incident, including your network administrator, local law enforcement, and state or federal cybersecurity agencies.
Your incident response should also outline your process for conferring with key team members to evaluate the effectiveness of your response and discuss possible ways to improve your performance for future incidents.
You should also perform regular tests within a controlled segment of your environment to ensure your response works the way it should during a cyber incident.
5. Business continuity and disaster recovery (BCDR)
Create and adopt a BCDR plan so your team knows the specific steps to take in an emergency to maintain operations, protect data from being stolen or compromised, and mitigate damage.
Having a documented BCDR plan ensures you have a strategic plan to continue running your business in the face of an emergency and can quickly return to normal while minimizing losses.
6. Cybersecurity insurance
Given today’s cybersecurity climate, insurers are ramping up their coverage requirements to force manufacturers to adopt increasingly stringent security measures.
Insurers are toughening their cyber liability insurance requirements in an attempt to stem the growing incidence of malware, ransomware, data breaches, and other harmful cyberattacks that are pummeling both manufacturers and insurers.
The Bottom Line With Cybersecurity In Manufacturing
After reading this article, you’ve gained a more thorough understanding of why and how threat actors are targeting the manufacturing sector of the economy. We’ve also outlined six key ways you can boost your security guardrails to fend off cyberattacks.
Do you know how secure your infrastructure is?
Have you adopted a comprehensive cybersecurity plan to spell out exactly what security tools, systems, personnel, policies, procedures, and other resources you’ll need to put in place to improve your cybersecurity posture?
Do you have the internal personnel with the specialized skills and industry knowledge to implement the right security controls, following best practices?
If not, and you’re considering using a managed IT services provider (MSP), we encourage you to look around and weigh your options before choosing one.
We write articles like this to help you get the information you need to make the best IT decisions for your business—whether you choose to work with us or not.
While we know you have lots of choices, at Kelser, we have a dedicated team with specialized skills and broad industry and regulatory knowledge to develop a customized cybersecurity strategy to help protect your business and sensitive data.
If you’d like help assessing your current security posture, remediating security gaps, or developing an incident response, or if you have other concerns, we’re here to help.