2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector

• 2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: Discover the key cybersecurity challenges facing the manufacturing sector in 2025, including ransomware, phishing, and vulnerabilities in legacy systems and connected devices.
• Manufacturing Cybersecurity: IT/OT Convergence and Breach Methods Exposed: Explore two in-depth companion pieces that delve into the convergence of IT and OT systems in manufacturing, and the specific methods cybercriminals use to target and breach these environments.
• Download the 2025 Trustwave Risk Radar Report & Related Resources: Access the full report, deep dive analyses, and webinars to gain a comprehensive understanding of the cybersecurity risks facing manufacturers and learn actionable mitigation strategies.

As the manufacturing industry modernizes and expands its digital connectivity, it has become increasingly vulnerable to sophisticated cyberattacks targeting its evolving cyber defenses.

In the newly released 2025 Trustwave Risk Radar Report: Manufacturing Sector, Trustwave SpiderLabs outlines the key cybersecurity challenges facing manufacturers and provides a comprehensive list of mitigation strategies to help organizations strengthen their defenses.

The primary report is joined by two companion pieces that dig deeper into specific issues Trustwave SpiderLabs sees being impacted. These are:

• Manufacturing Sector Deep Dive: Convergence of IT/OT
• Manufacturing Sector Deep Dive: Methods of Targeting and Breaching

In addition, there is a three-part webinar series, each of which is led by a Trustwave SpiderLabs expert, who will offer a detailed analysis of all three reports. Register here for the webinars.

2025 Trustwave Risk Radar Report: Manufacturing Sector builds on the work of the 2023 Manufacturing Threat Intelligence Briefing and Mitigation Strategies.

The report notes that ransomware and phishing are the primary tools used by attackers against manufacturing targets:

• 87% of attacks originated from phishing
• 54% of ransomware attacks were in the US
• 14% of ransomware attacks targeted machinery manufacturers

While numbers are great, the reason behind them is even more important and Trustwave SpiderLabs breaks down the causes and the direct correlation they have to this industry’s security woes. They include:

• Reliance on Legacy Systems
• Increasing Connectivity of Manufacturing Systems
• Potential for Physical Damage and Disruption
• Lack of Visibility and Control
• Cultural Mindset Gap
• Convergence of IT and OT

The items in the list above are just surface-layer examples, with Trustwave SpiderLabs breaking down each and explaining the underlying issues.

For example, according to the Cybersecurity and Infrastructure Security Agency (CISA), there are more than 1,200 known vulnerabilities and security issues associated with OT systems from more than 300 original equipment manufacturers (OEMs) and system providers.

These vulnerabilities are often unpatched or poorly managed, increasing the likelihood of successful cyberattacks. The increased reliance on cloud platforms and remote access further complicates matters, as these systems are vulnerable to external breaches that may not be detected until damage has already occurred.

The Opposing Team

The report takes a hard look at the players, primarily ransomware groups, arrayed against the manufacturing sector. They represent a mix of old and new names, with some famous groups like LockBit making an initial impression but falling off and being supplanted by Play, Ransomhub, and Akira.

The report examines these groups from a global and regional perspective, giving the reader a detailed understanding of how they operate and their favorite targets.

Download the Report

While the report focuses on manufacturing, we encourage those in other sectors to download the report as many of the findings are pertinent to a wider audience.

All three reports and their accompanying webinars can be found and downloaded from this page.