Hacktivists, state sponsored groups step up cyber attacks on manufacturing and OT operations

New research from Forescout Technologies disclosed that in 2024, there was a 71 percent increase in threat actors targeting the manufacturing sector. Between 2024 and the first quarter of 2025, there were 29 active threat actors in manufacturing, with 79 percent of those being cybercriminals while 45 percent were ransomware gangs. Of these, the most active was RansomHub with 78 victims, including large data thefts. 

Forescout’s analysis of the manufacturing threat landscape in 2024 and the first quarter of 2025 revealed several significant trends. One of the most notable findings was an increase in attacker dwell time, indicating that threat actors are maintaining access within compromised environments for longer periods before detection.

There was also a rise in the use of legitimate cloud services to facilitate data exfiltration, allowing attackers to blend in with normal network traffic and evade security controls.

Read more at Industrial Cyber