Manufacturing sector faces rising cyber threats in 2025

Check Point’s research, as detailed in its 2025 CPR Manufacturing Report, highlights rising cyber threats against the global manufacturing sector

The manufacturing industry is under increasing pressure from cyberattacks, with organisations facing an average of 1,585 weekly incidents in 2025 — a 30% increase year-over-year.

Africa’s industrial and manufacturing entities are not immune, experiencing an average of 1,872 attacks per week over the last four weeks, highlighting the growing global threat landscape.

Ransomware remains the dominant concern, inflicting losses that can reach hundreds of millions of dollars and, in severe cases, pushing companies into insolvency. Beyond financial impacts, cyberattacks disrupt production, delay shipments, erode customer trust, and attract regulatory scrutiny. As such, cybersecurity has become a core business risk, not merely an IT concern.

“Attackers know that every hour of halted production can cost millions. That’s why ransomware groups view manufacturers as prime targets: they don’t need to steal sensitive customer data when they can simply shut down operations and demand payment,” explained Lorna Hardie, regional director: Africa, Check Point Software Technologies.

Global examples illustrate the potential consequences. In 2023, a ransomware attack disrupted Clorox operations, leading to US$356mn in quarterly losses. Nucor, North America’s largest steel producer, had to halt production after a 2025 cyber breach. Sensata Technologies suffered delays in shipping and production due to ransomware, and sustained attacks forced Schumag AG into insolvency in 2024.

Supply chain connectivity further amplifies risk. Manufacturers rely on extensive networks of suppliers, global partners, and IoT/OT systems, meaning that one vulnerable link can compromise entire production lines. Criminal groups now sell access to manufacturing networks, giving ransomware affiliates direct paths into operations. In Africa, heavy reliance on Europe as a trading partner increases vulnerability, particularly with the EU’s NIS2 Directive imposing stricter security requirements on critical sectors. “African businesses must act now to comply with the EU's NIS2 Directive or risk losing valuable revenue streams through their European trading partners,” Hardie warned.

State-backed and hacktivist groups are also increasingly targeting manufacturers. Intellectual property theft, including drone blueprints, automotive designs, and defense-related technologies, has been on the rise. Politically motivated disruptions affect manufacturers tied to critical infrastructure, energy, and defense supply chains. Such incidents underscore that manufacturing security is not only a technical issue but also a matter of national competitiveness and economic stability.

To safeguard operations, executives are urged to adopt proactive strategies:

• Build resilience into operations: Treat downtime as a board-level risk, test continuity plans, and ensure recovery times are measured in hours.

• Secure the supply chain: Implement cyber standards across vendors, enforce visibility into third-party access points, and address potential vulnerabilities.

• Protect intellectual property: Recognise that cyber threats are increasingly deliberate and geopolitical. Invest in monitoring, advanced detection, and data-loss prevention.

• Invest in proactive defense: Move beyond compliance to prevent disruptions before they occur.

“Executives who embrace these priorities are not just defending against today’s threats, they are building a competitive edge. In an industry where uptime, trust, and innovation drive market share, resilience becomes a differentiator,” Hardie noted.

With cyberattacks intensifying in both frequency and sophistication, manufacturing executives must act decisively. Those who prioritize cyber resilience today will protect not only their production lines but also the long-term future and competitiveness of their business.