Research shows Europe’s manufacturing digitalisation has made it a prime target for ransomware and social engineering attacks, as cyberattacks on the sector increase
KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today released its new report, “Securing Manufacturing’s Digital Future”. As the most targeted industry for cyberattacks for a fourth consecutive year, the report reveals that the manufacturing sector’s expanding digital footprint is putting operations, intellectual property, and economic resilience at risk.
With widespread investment in digitalisation to enable smart factories, the manufacturing industry has made significant strides in enhancing automation and efficiency along production lines. However, this progress has also expanded the attack surface for cybercriminals, who are increasingly exploiting the convergence of operational technology (OT) and information technology (IT) and complex supply chains to exfiltrate the high-value data the sector holds.
A particular concern raised in the report is the persistent threat of ransomware, which continues to dominate attacks in the sector. Manufacturing was the most targeted industry for ransomware from 2023 to 2024, according to the ENISA Threat Landscape 2024. A key reason for this is the industry’s low tolerance for downtime, with every minute of disruption potentially incurring massive costs and cascading effects across entire supply chains.
Key findings from the report include:
- The frequency of attacks against manufacturing is rising, as the number of confirmed data breaches increased by 89.2% from 2023 to 2024.
- According to the 2025 Verizon DBIR, ransomware accounted for 47% of all breaches in manufacturing, underscoring its dominance as the attack method of choice.
- Nearly half (47%) of all manufacturing breaches in 2024 involved ransomware. European manufacturers remain prime targets for major ransomware groups including LockBit, PlayCrypt, and 8Base.
- Human risk remains a critical vulnerability as social engineering was responsible for 22% of breaches in manufacturing organisations.
“With so much focus placed on physical safety and production line reliability, cyberthreats can sometimes fall under the radar,” said Javvad Malik, lead security awareness advocate at KnowBe4. “But many of today’s most devastating breaches do not start with a technical flaw, they start with a human mistake. Whether it is a phishing email, a weak password, or a lapse in procedure, attackers are exploiting people as the path of least resistance. Building cyber resilience in the manufacturing sector is not just about patching systems—it is about empowering employees with the awareness and training to recognise and respond to threats before they escalate. Manufacturers that fail to act now risk not just data loss, but systemic disruption across operations, supply chains, and even national infrastructure.”
The report highlights the significant impact of security awareness training in reducing human risk within the manufacturing sector. Over a 12-month period of consistent and effective training, phishing susceptibility dropped from 31.8% to just 3.6%—a 89% reduction.
To download the full KnowBe4 report “Securing Manufacturing’s Digital Future”, click here.
About KnowBe4
KnowBe4 empowers workforces to make smarter security decisions every day. Trusted by over 70,000 organisations worldwide, KnowBe4 helps to strengthen security culture and manage human risk. KnowBe4 offers a comprehensive AI-driven ‘best-of-suite’ platform for Human Risk Management, creating an adaptive defense layer that fortifies user behaviour against the latest cybersecurity threats. The HRM+ platform includes modules for awareness & compliance training, cloud email security, real-time coaching, crowdsourced anti-phishing, AI Defense Agents, and more. As the only global security platform of its kind, KnowBe4 utilises personalised and relevant cybersecurity protection content, tools and techniques to mobilise workforces to transform from the largest attack surface to an organisation’s biggest asset.
