New research reveals 78% of British manufacturers suffered cyber incidents in the past year, with production outages, supply chain disruption, and £250,000+ losses becoming routine as AI-powered attacks emerge as the new threat landscape.
Nearly 80 percent of British manufacturers say they've been hit by a cyber incident in the past year, as new research suggests disruption on the factory floor is no longer an exception but business as usual.
According to security outfit ESET, 78 percent of UK manufacturers admit to suffering at least one cyber incident in the last 12 months, with more than half reporting lost revenue as a result. These aren't minor hiccups either. In more than half of the worst incidents, losses surpassed £250,000, because when something breaks digitally, the production line usually follows suit.
The sector got a high-profile reminder of the stakes last year when Jaguar Land Rover was forced to halt production following a cyberattack that rippled across its supply chain. The disruption dragged on for weeks, with estimates putting the wider economic hit at around £1.9 billion once suppliers, delays, and lost output were factored in.
ESET's numbers suggest this kind of fallout is increasingly common. Almost all respondents said incidents had a direct operational impact, with supply chain disruption and missed commitments near the top of the list. And when things do go down, they don't bounce back quickly. Most outages stretch into days, sometimes close to a week, with the knock-on effects lingering well after systems are back up and running.
Despite that, visibility into risk remains patchy. One in five manufacturers said they have limited or no insight into the cybersecurity threats that could knock production offline, a blind spot that's increasingly hard to justify as attacks evolve. Nearly half of respondents now see AI-assisted attacks as the top threats over the next year, ahead of phishing and ransomware – a sign that the tooling on both sides of the fence is getting more sophisticated.
"If the JLR attack showed us anything, it's how quickly a cyber incident can shut down production at scale and have major consequences for the business and the wider economy," said Matt Knell, UK country manager at ESET. "The real challenge is that many organizations still treat cybersecurity as an IT issue rather than a strategic business decision. When it sits outside the boardroom, it's harder to prioritize appropriately."
Cyber incidents might be a production problem now, but ownership still mostly sits in IT. Only 22 percent of firms put it at the executive level, even though the damage is clearly big enough to warrant board attention. Despite that, more than a fifth still lean toward reacting after the fact rather than trying to stop incidents in the first place.
The manufacturing sector's vulnerability stems from several converging factors. Modern factories increasingly rely on interconnected systems, from automated production lines to supply chain management software. When these systems are compromised, the physical consequences are immediate and costly. Unlike office environments where employees can work from home during IT outages, manufacturing operations often grind to a complete halt when digital systems fail.
This creates a particularly dangerous scenario where ransomware operators can demand higher payments knowing that every hour of downtime translates directly into lost revenue and contractual penalties. The JLR incident demonstrated how a single compromised supplier or partner can create cascading failures across an entire ecosystem of manufacturers, suppliers, and distributors.
The shift toward AI-powered attacks represents a significant escalation in the threat landscape. These attacks can adapt in real-time, identify vulnerabilities faster than human operators, and potentially bypass traditional security measures. For manufacturers still relying on legacy systems or basic cybersecurity protocols, this represents a widening gap between attacker capabilities and defender preparedness.
The economic implications extend far beyond individual companies. Manufacturing represents a significant portion of the UK economy, and widespread disruption could impact everything from consumer goods availability to industrial supply chains. The £1.9 billion estimate from the JLR incident suggests that major cyber events affecting manufacturers could have macroeconomic consequences comparable to natural disasters or major infrastructure failures.
Industry experts suggest several approaches to address this growing crisis. First, cybersecurity needs to be elevated from an IT concern to a strategic business priority with direct board-level oversight. This would ensure adequate resource allocation and decision-making authority during incidents. Second, manufacturers need to invest in resilience planning, including backup systems, alternative production capabilities, and robust incident response protocols. Third, there's a need for greater information sharing across the industry to identify emerging threats and effective countermeasures.
The current situation also highlights the importance of supply chain cybersecurity. Many attacks exploit vulnerabilities in smaller suppliers or partners who may lack robust security measures. Creating industry-wide security standards and verification processes could help reduce these entry points for attackers.
As manufacturers continue to digitize operations and adopt more connected technologies, the attack surface will only expand. Without significant changes in how the industry approaches cybersecurity, the current 80 percent incident rate could become the baseline rather than a warning sign. The question is no longer whether manufacturers will face cyber attacks, but how prepared they are to withstand them when they inevitably occur.
Comments
Please log in or register to join the discussion