Fast Facts

• 51% of manufacturers hit by ransomware in 2025 paid an average ransom of $1 million.
• Manufacturing has been the top ransomware target for four years running.
• Notable attacks in 2025 halted operations at Jaguar Land Rover and Asahi Group, costing billions.
• Critical vulnerabilities plague 75% of manufacturers, exposing them to major cyber risks.
• The rush to adopt AI in factories is increasing complexity - and enlarging the attack surface.

The New Battlefield: Factory Floors

Picture a humming assembly line suddenly silenced. Robotic arms dangle mid-air, conveyor belts freeze, and workers stare at blank screens. This isn’t a scene from a dystopian film - it’s the reality for manufacturers hit by cybercriminals wielding ransomware. In 2025, more than half of manufacturing firms worldwide found themselves locked out of their own systems, forced to pay a digital ransom or risk catastrophic losses.

The manufacturing sector has become ground zero for financially motivated hackers. Their lure? The industry’s reliance on continuous operations - every minute offline means millions lost. According to Sophos, 51% of manufacturers struck by ransomware paid up, with recovery costs often eclipsing the ransom itself. Shockingly, the average price tag to restore operations (excluding the ransom) neared $1.3 million.

Why Factories Are Prime Targets

Manufacturers’ vulnerabilities run deep. Many are racing to modernize, blending decades-old machinery with shiny new tech. Yet, expertise is in short supply, and cyber protections lag behind. Sophos points to three main culprits for breaches: a shortage of skilled defenders, hidden security gaps, and a slow uptake of robust safeguards.

The attack vectors keep shifting. In 2023, stolen passwords were the main entry point. In 2024, phishing emails took the crown. By 2025, hackers exploited unpatched weaknesses in factory software - the digital equivalent of sneaking in through an unlocked window. Kaspersky estimates that, outside North America, blocked ransomware attacks could have caused over $18 billion in losses if successful.

High-profile cases underline the stakes. Jaguar Land Rover’s month-long shutdown likely cost up to $2.4 billion, while Asahi Group’s breach led to beer shortages across Japan. Globally, 75% of manufacturers harbor at least one critical vulnerability, and the industrial sector now absorbs 42% of all attacks on operational technology, according to Trellix and Black Kite reports.

AI: Double-Edged Sword for Industry

As factories sprint toward automation, AI is both a blessing and a curse. Smart robots promise greater efficiency, but they also add layers of complexity. The digital border between corporate IT and industrial controls is blurring, giving hackers more doors to try. Regulators have noticed: in December, the US Cybersecurity and Infrastructure Security Agency released new guidance for integrating AI safely into industrial environments.

The race to build the “intelligent factory” is on - Foxconn and Alphabet’s Intrinsic are just two giants investing heavily - but so too is the race among cybercriminals to exploit every new innovation. As AI systems learn from vast pools of factory data, the risk of a single breach exposing sensitive information multiplies.

WIKICROOK

• Ransomware: Ransomware is malicious software that encrypts or locks data, demanding payment from victims to restore access to their files or systems.
• Operational Technology (OT): Operational Technology (OT) includes computer systems that control industrial equipment and processes, often making them more vulnerable than traditional IT systems.
• Vulnerability: A vulnerability is a weakness in software or systems that attackers can exploit to gain unauthorized access, steal data, or cause harm.
• Phishing: Phishing is a cybercrime where attackers send fake messages to trick users into revealing sensitive data or clicking malicious links.
• Attack Surface: An attack surface is all the possible points where an attacker could try to enter or extract data from a system or network.