UK Manufacturing Sector Hit Hard by Cyber Incidents, With 78% Affected in Past Year
A recent survey of 500 UK manufacturing decision-makers, commissioned by ESET, reveals that 78% of manufacturers experienced cyber incidents in the last 12 months, with 53% reporting lost revenue as a direct consequence. The findings highlight widespread operational disruption rather than isolated IT failures, with 95% of affected companies facing tangible business impacts.
Downtime and financial losses were among the most severe effects. Three-quarters of manufacturers reported full or partial shutdowns due to cyberattacks, with 56% experiencing outages of one to three days and 19% facing disruptions lasting four to seven days. Financial damage was significant over half of the most serious incidents resulted in losses of at least £250,000, while supply chains and customer relationships also suffered, with 44% citing supply chain disruption and 39% missing contractual commitments.
The survey follows the cyberattack on Jaguar Land Rover, which ESET estimated cost the UK economy £1.9 billion, demonstrating how cyber disruptions in manufacturing can ripple beyond individual businesses and persist even after systems are restored.
Despite the scale of the threat, cybersecurity accountability remains largely outside the boardroom. Only 22% of manufacturers assign responsibility to executive leadership, while 55% delegate it to IT teams. This divide influences spending priorities 63% recognize preventive measures as more cost-effective, yet 21% still favor reactive approaches.
Visibility into operational risks is also limited, with one in five manufacturers reporting little to no insight into threats that could disrupt production. Meanwhile, the threat landscape is evolving, with 46% of respondents identifying AI-enabled attacks as a top concern over the next year, followed by phishing (42%), ransomware (40%), and unauthorized system access (38%).
ESET UK Country Manager Matt Knell emphasized that many organizations still treat cybersecurity as a technical issue rather than a strategic business priority, despite evidence that reactive responses often lead to six-figure losses and prolonged disruptions. The findings suggest that manufacturers with older operational technology (OT) and newer connected systems are particularly vulnerable, as automation makes attacks easier to scale and harder to detect.
Source: https://itbrief.co.uk/story/uk-manufacturers-hit-by-cyber-attacks-survey-finds
JLR cybersecurity rating report: https://www.rankiteo.com/company/jaguar-land-rover_1
"id": "JAG1775032266",
"linkid": "jaguar-land-rover_1",
"type": "Cyber Attack",
"date": "4/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Manufacturing',
'location': 'United Kingdom',
'name': 'UK Manufacturing Sector (General)',
'size': '500 surveyed decision-makers',
'type': 'Industry Sector'},
{'industry': 'Automotive Manufacturing',
'location': 'United Kingdom',
'name': 'Jaguar Land Rover',
'type': 'Company'}],
'attack_vector': ['phishing',
'ransomware',
'unauthorized system access',
'AI-enabled attacks'],
'description': 'A survey of 500 UK manufacturing decision-makers revealed '
'that 78% of manufacturers experienced cyber incidents in the '
'past year, with 53% reporting lost revenue. The incidents '
'caused widespread operational disruption, including downtime, '
'financial losses, supply chain disruptions, and missed '
'contractual commitments. The cyberattack on Jaguar Land Rover '
'was highlighted as a major incident with significant economic '
'impact.',
'impact': {'downtime': ['56% experienced outages of one to three days',
'19% faced disruptions lasting four to seven days'],
'financial_loss': 'Over half of the most serious incidents '
'resulted in losses of at least £250,000',
'operational_impact': 'Three-quarters of manufacturers reported '
'full or partial shutdowns due to '
'cyberattacks',
'revenue_loss': '53% reported lost revenue as a direct '
'consequence'},
'lessons_learned': 'Cybersecurity accountability remains largely outside the '
'boardroom, with only 22% of manufacturers assigning '
'responsibility to executive leadership. Many '
'organizations treat cybersecurity as a technical issue '
'rather than a strategic business priority, leading to '
'reactive responses and significant losses.',
'post_incident_analysis': {'corrective_actions': 'Assign cybersecurity '
'responsibility to executive '
'leadership, adopt '
'preventive measures, and '
'improve threat visibility.',
'root_causes': 'Older operational technology (OT) '
'and newer connected systems create '
'vulnerabilities, making attacks '
'easier to scale and harder to '
'detect. Lack of boardroom '
'accountability and reactive '
'cybersecurity approaches '
'contribute to prolonged '
'disruptions.'},
'recommendations': 'Manufacturers should prioritize preventive measures over '
'reactive approaches, improve visibility into operational '
'risks, and integrate cybersecurity as a strategic '
'business priority. Enhanced monitoring and network '
'segmentation are recommended for organizations with older '
'OT and newer connected systems.',
'references': [{'source': 'ESET Survey of 500 UK Manufacturing '
'Decision-Makers'}],
'title': 'UK Manufacturing Sector Cyber Incidents 2023-2024',
'type': ['cyberattack', 'operational disruption']}