Top Cyber Threats in Manufacturing

The manufacturing sector continues to be the top target worldwide for cybercrime. With nearly 5,500 successful ransomware attacks on organizations in 2024, cybercrime remains a top security concern worldwide.

Bad actors and their attacks are becoming more sophisticated; at the same time, reports note, they are also increasingly targeting third-party suppliers with inadequate cyber protections. Manufacturers and their suppliers must stay vigilant to maintain a strong security posture in 2025.

Emerging cybersecurity threats in 2025

Cyberattacks are constantly evolving as bad actors look for new ways to exploit manufacturers and their suppliers, experts say. And emerging technologies offer new opportunities and risks, cautions a report on cyber resilience from the World Economic Forum.

These risks include:

  • A growing attack surface. The number of connected devices worldwide is expected to double from 2023 levels by 2029, with Internet of Things (IoT) devices in manufacturing driving some of this growth. Each of these devices is a potential entry point for a cyberattack.
  • A rise in artificial intelligence (AI) and machine learning-powered attacks. The power of AI can be harnessed for sophisticated, targeted attacks like AI-driven phishing.
  • Changing regulatory landscape. Compliance with new regulations, including Cybersecurity Maturity Model Certification (CMMC) 2.0, will pull manufacturers’ and suppliers’ cybersecurity teams in new directions in 2025. 
  • Supply chains as targets. As in 2024, cybercriminals will continue to target suppliers, seeking vulnerabilities that may provide a “back door” into large OEMs.
  • Capacity and skills gaps. A critical shortage of skilled cybersecurity professionals puts companies across industries at risk. Combatting increasingly sophisticated attacks requires skilled staff with expertise in emerging technologies — and the capacity to stay current.

Manufacturers and their suppliers must stay vigilant and be proactive in preparing for new threats, experts say. Maintaining a cybersecurity-aware culture and communicating regularly with suppliers to help them prepare are key to staying ahead of emerging threats.

The top malware threats that targeted manufacturers in 2024

In 2024, the manufacturing sector continued to face a high-risk landscape of malware attacks targeting both information technology (IT) and operational technology (OT) systems. Such attacks threatened production, exposed data, and created critical vulnerabilities. Four of the top strains included:

Cl0p

After compromising more than 230 companies globally in 2023 via the MOVEit file transfer breach, Cl0p continued to be a top malware threat. Cl0p employs steal, encrypt and leak tactics; if victims do not meet the ransom demands, their data is published on the cybercriminals’ leak site.

Cl0p ransomware targets weak remote access and control systems and relies on phishing schemes for entry.

LockBit 3.0

This prominent ransomware variant targeted multiple manufacturing sectors, including electronics and aerospace. Attack volume was up 665% through May 2024, driven by high-volume email campaigns that delivered the malware via a ZIP file.

Attackers can encrypt and extract all files on an infected device — and then demand millions in ransom for their release.

Snake (Ekans)

Snake ransomware is particularly crippling as it can infect an entire network before detection. Even worse, it will stop numerous antivirus and industrial control system processes.

First detected in 2020, Snake has evolved, as the hackers behind it have increasingly focused on industrial targets. This rise in attacks has highlighted the need for stronger segmentation between IT and OT networks by both manufacturers and their suppliers.

QakBot

A coordinated law enforcement effort may have shut down QakBot (also known as Qbot) in 2023, but it made a comeback last year. Phishing emails designed to look like an ongoing thread contain dangerous links — and clicking on them unleashes ransomware that can hold data for ransom.

QakBot’s resurgence is driven in part by social engineering: Users are more likely to fall for phishing schemes — and click on links and attachments — when they trust the platform or individual sender.

Visit the MxD Virtual Training Center for information on cybersecurity workforce training resources.