Engineering publications brought to you by Mark Allen

Ellie McCann

Legacy OT-IT systems continue to leave manufacturers exposed to cyber attacks

News
1 min read

Ransomware, malware, and social engineering continue to be among the most prevalent cyber threats in 2025, as cybercriminals exploit vulnerable OT-IT networks and interconnected supply chains.

New research has found a 20 per cent year-on-year increase in manufacturing supply chain cyber attacks
New research has found a 20 per cent year-on-year increase in manufacturing supply chain cyber attacks - AdobeStock

Published to coincide with Cybersecurity Awareness Month, IDS-INDATA’s latest findings highlight the urgent need for manufacturers to modernise their operational technology (OT) and information technology (IT) environments, and strengthen supply-chain defences against growing, AI-driven threats.

The research found that supply chain compromise remains the fastest-growing cyber threat in the manufacturing sector, with attacks found to have increased by 20 per cent year-on-year since 2023. 

As industrial ecosystems become more interconnected, third-party vulnerabilities continue to serve as entry points for attackers, while AI-assisted reconnaissance tools now possess the ability to automate the mapping of weak suppliers, accelerating the scale and precision of attacks, IDS-INDATA researchers said. 

Ransomware continues to dominate headlines in the industrial sectors, with the research finding a 7.1 per cent increase in businesses affected by it since 2023, while Malware attacks targeting OT-IT environments increased by 6 per cent. 

Social engineering attacks, now frequently enhanced by AI-generated voices and deepfake impersonations, are also rising in frequency and sophistication. These attacks increasingly target supplier communications, finance approvals, and procurement chains, with IDS-INDATA reporting a 7.9 per cent increase in firms affected in just two years.

Despite cyber attacks becoming increasingly more sophisticated, targeted phishing remains the most common attack vector, affecting nearly nine in ten manufacturers. As phishing detection improves, attackers are adopting more contextual, industry-specific language and spoofed domain tactics. Since 2023, attacks increased by 1.1 per cent. 

IDS-INDATA encourages manufacturers to pair immediate controls with long-term resilience planning, with the company offering support through secure configuration audits, patch management, and supply-chain risk frameworks aligned with manufacturing workflows.

In a statement, Ryan Cooke, Chief Information Secuirty Officer at IDS-INDATA, said: “Supply-chain attacks let criminals do less work and reap more reward – one compromise, often many victims. Defending the chain is defending everyone.

“It’s important to ensure that your suppliers are implementing, at a minimum, the same level of cybersecurity as you are. It’s about building resilience by looking outside of your own organisation’s boundaries and including your suppliers, who are also responsible for protecting your data.”

Related Content

 

IDS-INDATA
cyber attack
manufacturing IT systems
supply chains

Comments

Related Articles

Software

Cyber attacks in manufacturing increase as IT and OT converge

Cybercriminals have dramatically increased their scouting raids on UK businesses, with manufacturing companies being one of the top targets for ransomware attacks
Software

Cyber criminals now scanning business devices over 4,000 times a day, new BT research reveals

JLR restarts manufacturing after five weeks of a complete shutdown
Manufacturing

JLR restarts production after cyber attack shutdown