UK manufacturing faces surge in AI-driven cyber threats

A recent analysis has revealed significant increases in cyber threats targeting the UK manufacturing sector, focusing on supply chains, ransomware, and other forms of cyberattacks.

The study conducted by IDS-INDATA identifies a dramatic 50% rise in supply chain attacks, now recognised as the fastest-growing cyber menace to the manufacturing industry. In 2023, these threats impacted 20% of manufacturing businesses and are projected to rise to 30% in 2024. This trend highlights the targeting of third-party vendors and suppliers as entry points for malicious activities facilitated by AI-driven tools that rapidly identify weak points within interconnected supply chains.

In addition to supply chain vulnerabilities, the report notes a 23.5% increase in ransomware attacks affecting the sector. Ransomware threats, which impacted 34% of businesses in 2023 and are expected to rise to 42% in 2024, are becoming more sophisticated with the incorporation of artificial intelligence. This technology allows the malware to adapt in real time to avoid detection, posing a serious risk to older OT systems operating on outdated software. The resulting attacks increase downtime and financial burdens on manufacturers, with the potential for permanent damage to infrastructure.

AI-enhanced malware also sees notable growth, with an 11.1% increase in such attacks. These malware variants can learn from their environment and exploit vulnerabilities within OT-IT networks, undermining system integrity, disrupting productivity, and stealing sensitive data. Currently, 50% of manufacturing businesses are impacted by this sophisticated form of cyber threat.

Social engineering attacks, up by 8.6%, remain a significant concern. Affecting 38% of businesses, they utilise AI-driven deepfakes and automated scams to manipulate individuals and exploit human error, a known weak link in cybersecurity for the sector. This trend underlines the importance of ongoing training and awareness for manufacturers to counteract the personalised nature of these attacks.

Spear phishing continues to plague the industry with a 4.8% increase, targeting 88% of businesses. Such attacks are enhanced by AI, which allows cybercriminals to tailor emails with personal information pulled from public sources, exploiting manufacturers' reliance on email for operational coordination.

Ryan Cooke, Chief Information Security Officer at IDS-INDATA, commented, "The findings show an opportunity for manufacturers. Older systems that run on outdated software are increasingly vulnerable to attacks, whilst the lack of proper network segmentation dramatically increases the impact of malware and lateral movement. Addressing these risks can help the industry overcome today's sophisticated, AI-enhanced cyber threats, which is especially critical given the interconnected nature of supply chains."

Cooke noted the importance of regular system evaluations: "We advocate for regular system checks to stay ahead of evolving threats. IDS-INDATA's testing and risk management services are designed to assess vulnerabilities in OT-IT networks and fortify defences against the growing tide of cyber threats, from ransomware to AI-powered malware."

Cooke also emphasised the necessity of long-term resilience planning: "Effective resilience planning is essential in today's cybersecurity landscape. By ensuring that OT-IT systems are securely designed, regularly patched, and aligned with best practices, manufacturers can create a strong defence against even the most sophisticated threats."

As cyber threats evolve with the further integration of artificial intelligence, IDS-INDATA advises manufacturers to address vulnerabilities with a level of sophistication matching that of the threats to maintain resilience and security in a rapidly changing landscape.