17 October 2025
As cyber threats continue to escalate in 2025, the manufacturing sector faces increasing risks from ransomware, malware, social engineering, and especially supply chain attacks. IDS-INDATA’s latest Cyber Threat Analysis highlights a 20% year-on-year increase in supply chain breaches, making them the fastest-growing threat — exploiting vulnerabilities within increasingly interconnected industrial ecosystems.
Supply chain attacks are becoming more sophisticated and widespread, driven by AI-powered reconnaissance tools that map out weak supplier points, enabling attackers to execute precise and large-scale breaches. Ransomware remains a significant concern, with cybercriminals leveraging AI to craft adaptive payloads that target legacy operational technology (OT) systems, leading to extended operational downtime and costly recovery efforts. Malware threats are also on the rise, with malicious software now capable of learning network structures and spreading laterally within unsegmented legacy systems, further increasing an organisation’s exposure. Additionally, social engineering attacks are becoming more advanced, with deepfake voices and AI-generated impersonations targeting supplier communications, procurement processes, and financial approvals. These highly convincing, industry-specific tactics are contributing to a notable rise in targeted phishing attempts, affecting nearly nine out of ten manufacturers.
“Supply chain attacks let criminals do less work and reap more reward — one breach can impact many victims. Protecting the supply chain is protecting everyone,” said Ryan Cooke, Chief Information Security Officer at IDS-INDATA.
To effectively counter these risks, IDS-INDATA advocates for manufacturers to deploy AI-enabled threat detection systems that can identify and respond to threats more quickly and accurately. Organisations should also segment their networks to prevent lateral movement of malware, regularly conduct vulnerability assessments—especially on legacy assets—and invest in ongoing employee training to help staff recognise social engineering tactics. Strengthening third-party risk management is equally critical; manufacturers need to ensure their suppliers adhere to cybersecurity standards that match or exceed internal protocols, thereby creating a resilient and secure supply chain ecosystem.
Cooke emphasises that resilience must be built not only through immediate controls but also through strategic, long-term planning. This includes performing regular security audits, timely patching of vulnerabilities, and developing comprehensive supply chain frameworks aligned with manufacturing workflows. He adds, “It’s crucial that suppliers implement cybersecurity measures at least equal to your own, creating a resilient ecosystem that extends beyond your organisation’s boundaries.”
In conclusion, the rapidly evolving threat landscape — amplified by AI-driven tools — requires manufacturers to adopt a proactive, layered cybersecurity strategy. Strengthening supply chain security and implementing comprehensive defenses are vital steps to safeguard operations, protect critical assets, and ensure long-term resilience in an increasingly hostile cyber environment.
