2025 Trustwave Risk Radar: Top Cyber Threats Facing Manufacturing

• 2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: Discover the key cybersecurity challenges facing the manufacturing sector in 2025, including ransomware, phishing, and vulnerabilities in legacy systems and connected devices.
• Manufacturing Cybersecurity: IT/OT Convergence and Breach Methods Exposed: Explore two in-depth companion pieces that delve into the convergence of IT and OT systems in manufacturing, and the specific methods cybercriminals use to target and breach these environments.
• Download the 2025 Trustwave Risk Radar Report & Related Resources: Access the full report, deep dive analyses, and webinars to gain a comprehensive understanding of the cybersecurity risks facing manufacturers and learn actionable mitigation strategies.

As the manufacturing sector continues to modernize and develop deeper and wider connections to the Internet, the industry has opened itself up to a broad range of sophisticated cyberattacks designed to take advantage of this sector’s still-developing cyber defenses.

Trustwave SpiderLabs explains these and other issues facing manufacturers in its just released 2025 Trustwave Risk Radar Report: Manufacturing Sector, and offers a list of protective mitigations organizations can adopt.

The primary report is joined by two companion pieces that dig deeper into specific issues that Trustwave SpiderLabs is witnessing in the sector. These are:

• Manufacturing Sector Deep Dive: Convergence of IT/OT
• Manufacturing Sector Deep Dive: Methods of Targeting and Breaching

In addition, there is a three-part webinar series, each of which is led by a Trustwave SpiderLabs expert, who will offer a detailed analysis of all three reports. Register here for the webinars.

The 2025 Trustwave Risk Radar Report: Manufacturing Sector builds on the work of the 2023 Manufacturing Threat Intelligence Briefing and Mitigation Strategies.

This year’s report notes that ransomware and phishing are the primary tools used by attackers against manufacturing targets:

• 87% of attacks originated from phishing
• 54% of ransomware attacks were in the US
• 14% of ransomware attacks targeted machinery manufacturers

While numbers are great, the reason behind them is even more important and Trustwave SpiderLabs breaks down the causes and the direct correlation they have to this industry’s security woes. They include:

• Reliance on Legacy Systems
• Increasing Connectivity of Manufacturing Systems
• Potential for Physical Damage and Disruption
• Lack of Visibility and Control
• Cultural Mindset Gap
• Convergence of IT and OT

The factors in the list above are just surface-layer examples, with Trustwave SpiderLabs breaking down each and explaining the underlying issues.

For example, according to the Cybersecurity and Infrastructure Security Agency (CISA), there are more than 1,200 known vulnerabilities and security issues associated with OT systems from more than 300 original equipment manufacturers (OEMs) and system providers.

These vulnerabilities are often unpatched or poorly managed, increasing the likelihood of successful cyberattacks. The increased reliance on cloud platforms and remote access further complicates matters, as these systems are vulnerable to external breaches that may not be detected until damage has already occurred.

The Opposing Team

The report takes a hard look at the players, primarily ransomware groups, targeting the manufacturing sector. They represent a mix of old and new names, with some famous groups like LockBit making an initial impression but falling off and being supplanted by Play, Ransomhub, and Akira.

The report examines these groups from a global and regional perspective, giving the reader a detailed understanding of how they operate and their favorite targets.

Download the Report

While the report focuses on manufacturing, we encourage those in other sectors to download the report as many of the findings are pertinent to a wider audience.

All three reports and their accompanying webinars can be found and downloaded from this page.