In September 2025, production lines at Jaguar Land Rover, one of the UK’s manufacturing powerhouses, ground to a halt. The cause was not a supply chain disruption or a labour dispute, but a silent, digital invasion: a cyber-attack that eventually cost the UK economy an estimated £1.9 billion.

This incident serves as a stark reminder that in today’s interconnected world, no manufacturer is too big to be a target. The 2025 JLR attack achieved “lateral movement.” Attackers entered via a standard phishing email but quickly bypassed internal firewalls to reach Operational Technology (OT) systems. By manipulating industrial control logic, they forced a total manufacturing shutdown across major UK plants, such as Solihull and Halewood, for several weeks.

The push for Industry 4.0 has inadvertently created a perfect storm. By integrating OT directly into corporate networks, manufacturers have expanded their digital attack surface. Criminals now weaponise artificial intelligence (AI) to launch attacks that leap from the office inbox to the factory floor.

Interestingly, some companies now employ a creative “phishing” outreach strategy to engage potential clients. We received one such email recently, prompting us to write this article as fair warning.

1. Advanced Phishing and The Human Element

Phishing remains the most common attack type, reported by 84% of breached businesses.

• The Voice Clone: Using AI, attackers can clone a leader’s voice from just 30 seconds of audio to authorise fraudulent payments or part orders.

2. Deepfake-as-a-Service (DaaS)

DaaS platforms now allow criminals to generate high-fidelity impersonations for a small fee.

• The Threat: Attackers can use deepfake video in live digital meetings to impersonate supplier representatives, convincing manufacturers to divert multi-million-pound contract payments.

3. Prompt Injection: The New Sabotage

• As factories integrate Large Language Models (LLMs) to manage supply chains, they face Prompt Injection.

How it works: An attacker sends a file with hidden instructions that an industrial AI reads. This can trick the AI into ignoring safety sensors, such as heat warnings, or triggering unnecessary, massive inventory re-orders.

The threat can be quantified in stark numbers. According to the UK government’s 2025 Cyber Security Breaches Survey, 43% of all UK businesses identified a breach or attack in the last 12 months.

For manufacturers, the situation is even more acute. While a typical business may lose data, a manufacturer loses time. For large-scale industrial firms, the identification rate jumps to 74%. Each day of halted production at a major plant can cost millions in lost revenue, idle workforce costs, and broken contracts.

Digital Supply Chain Contagion

Manufacturers are only as secure as their weakest vendor. The JLR attack sent ripple effects through a network of over 5,000 downstream suppliers, many of whom faced immediate cash flow crises due to cancelled orders.

The Evolution of Triple-Extortion

In 2026, ransomware has evolved into Triple-Extortion:

• Encryption: This involves locking operational systems.
• Exfiltration: Attackers steal proprietary designs to sell to competitors.
• Harassment: Criminals contact customers directly to tell them their data was stolen from your servers.

The “Legacy Gap” Vulnerability

High-speed AI sensors often run on the same network as 15-year-old machines using unpatchable software. These legacy gaps allow AI scanners to identify and exploit vulnerabilities in seconds to bridge into your modern network.

UK manufacturers must pivot from prevention to resilience:

[ ] Network Segmentation: Logically separate your office Wi-Fi from your Factory Floor (OT).

[ ] Immutable Backups: Maintain air-gapped copies of critical system configurations.

[ ] Supplier Audits: Ensure critical suppliers have Cyber Essentials Plus or equivalent 2026-standard certifications.

[ ] Incident Response Drills: Can your team switch to manual or offline mode if a digital siege begins?

1. UK Parliament, Cybersecurity in the UK (Dec 2025).

2. World Economic Forum, Global Cybersecurity Outlook 2026.

3. Make UK & PwC, Executive Survey 2026: Time for Mission Growth.

4. GOV.UK, Cyber Security Breaches Survey 2025 (April 2025).

5. Cyber Monitoring Centre (CMC), Statement on the Jaguar Land Rover Incident (Oct 2025).

6. Wired, A Cyberattack on Jaguar Land Rover Is Causing a Supply Chain Disaster (Sept 2025).