Skip to main content
CybersecurityInfrastructure

UK Manufacturers Face Rampant Cyberattacks, ESET Report Finds

UK Manufacturers Face Rampant Cyberattacks, ESET Report Finds

The figure, reported by Infosecurity Magazine and attributed to ESET’s industry research, is more than a statistic; it is a measure of exposure. Manufacturing is more connected than ever — shop-floor controllers linked to enterprise networks, suppliers tied together by digital procurement systems, and remote access tools used to keep machines running across shifts and sites. The convenience of that connectivity is also the path an intruder can walk.

Context matters. Over the past decade, manufacturers embraced automation, industrial Internet of Things (IIoT) devices and cloud services to drive efficiency and flexibility. At the same time, many facilities continue to operate legacy industrial control systems (ICS) and operational technology (OT) that were not designed with modern cybersecurity in mind. Attackers exploit that juxtaposition: mature corporate IT defenses meet underprotected operational environments where downtime translates directly to lost production and revenue.

ESET’s headline finding — that 80% of UK manufacturers were hit and most lost money — reinforces a trend security analysts have been warning about. A cyber incident in a factory is not merely a breach of data. It can be a halted production line, missed delivery windows, emergency baggage of emergency repairs, regulatory fines and damage to commercial relationships. For smaller manufacturers that run thin margins, a single prolonged outage can be existential.

What kinds of incidents are we talking about? The public record points to a spectrum: ransomware that encrypts databases and control logic, phishing campaigns that harvest credentials, business email compromise that redirects payments, and malware that crosses from office networks into production environments. The result is often a scramble: IT teams trying to recover systems, operations managers finding manual workarounds, and executives calculating the direct and indirect bill. The ESET data doesn’t just count incidents; it counts consequences.

Why this matters beyond balance sheets is worth spelling out.

  • Economic resilience: Manufacturing contributes substantially to national GDP and employment. Repeated disruptions can slow growth, push up costs for consumers and create ripple effects through supply chains.
  • Supply-chain fragility: Many manufacturers are suppliers to larger manufacturers, retailers and public services. A breach at one node can cascade, affecting products from automobiles to medical devices.
  • Safety and physical risk: Compromised industrial control systems can endanger workers and damage equipment. Cyber incidents are not confined to abstract data loss; they can be kinetic in consequence.
  • National security: Some attackers aim to steal intellectual property or to sabotage production capacity as part of broader strategic campaigns. Manufacturing sectors tied to defense or critical infrastructure are especially sensitive.

Different actors read the report differently. Technologists see an operational checklist. Network segmentation, endpoint detection and response (EDR), asset inventories for OT devices, regular patching where possible, air-gapped critical systems and robust backup routines are all tactical responses. Cybersecurity vendors and internal teams will say the evidence demonstrates the need to blend IT and OT practices rather than treating them as separate problems.

Policymakers take a different view: if a large share of a strategic sector is vulnerable, there are public-policy levers to consider. That can mean incentives for small and medium-sized manufacturers to invest in cyber defenses, clearer regulatory standards for critical suppliers, and formal information-sharing mechanisms so local incidents do not blindside downstream partners. Recent UK policy moves — including guidance from the National Cyber Security Centre (NCSC) — emphasise resilience, but the ESET findings underline the gap between guidance and on-the-ground security.

Employees and frontline managers are another critical audience. Human error remains a dominant vector for intrusions: poor password practices, clicking malicious links and misconfiguring remote access tools. Training and accountability, combined with pragmatic controls like multifactor authentication, minimize risk but never eliminate it entirely. The ESET finding that most incidents caused financial loss will make investing in staff awareness easier to justify, but training must be paired with tooling and processes that make secure behavior practical.

Adversaries, for their part, are pragmatic. Organized cybercriminal groups view manufacturing as a lucrative target because the imperative to restore production gives victims a strong incentive to pay ransoms quickly. State actors may seek long-term footholds to exfiltrate intellectual property or to keep options open for disruption. The blend of financially motivated crime and geopolitically motivated espionage creates a crowded threat landscape that complicates response prioritization.

Mitigation is not simple, but some consistent priorities emerge from practitioners and observers:

  • Know what you own: maintain an inventory of IT and OT assets and their connectivity.
  • Segment networks: isolate critical operational systems from enterprise networks and external access pathways.
  • Harden recovery: test backups and disaster recovery plans regularly, including failover for production systems.
  • Invest in detection: deploy logging, monitoring and anomaly detection that cover both IT and OT environments.
  • Build partnerships: engage industry peers, trade associations and government agencies to share intelligence and support.

There are costs and trade-offs. Segmentation and strict controls can reduce flexibility for production engineers. Smaller firms face budget constraints that make comprehensive programs difficult. Policymakers must balance requirements with support mechanisms so compliance does not simply mean shifting production offshore to avoid regulatory burden.

Still, the alternative to investment is clearer — repeated, costly interruptions and the incremental erosion of competitiveness. The ESET findings are a reminder that cyber risk in manufacturing is not a theoretical future threat; it is a current business reality that most companies have already experienced. That fact should sharpen decision-making both in boardrooms and in Whitehall.

If eight in 10 manufacturers already know the smell of smoke in the server room, how many more will have to be burned before the sector treats cyber resilience as essential production equipment rather than an optional add-on? The answer will determine not only profit margins, but whether the factories that underpin modern life can keep the lights on when the next incident comes.

Source: https://www.infosecurity-magazine.com/news/eight-10-uk-manufacturers-hit/