The manufacturing sector is a major contributor to the UK economy, having generated £220bn in output in 2024, while employing 2.6 million people. Recent years have seen industry evolution accelerate, with the arrival of ‘smart manufacturing’ and advanced, interconnected technologies to increase efficiencies across the supply chain.

But what risk does this increased connectivity carry? SEW-EURODRIVE UK’s Operations Director, Andy Turner, reflects on cybersecurity threats, the potential impact of attacks, and how manufacturers and engineers can keep smart factories secure.

• Smart factory cybersecurity threats often fall around Operational Technology (OT) vulnerabilities, user error, and weaknesses in supply chains
• In recent months, we’ve seen the devastating impact that cyberattacks can have on businesses, costing manufacturers £330,000 on average, rising to an annual UK cost of £14.7 billion (GOV.UK figures)
• While these threats may be alarming if you’re looking to implement new technology on your production line, there are steps you can take to mitigate risks in the smart factory.

What are the top cybersecurity threats to manufacturers?

A smart factory focuses on lean, highly automated, flexible production using interconnected technologies to enable better collaboration between operatives and machines.

Although cyber risk is nothing new, the fast pace of digital transformation has exacerbated the chance of attack, as supply chains, factories, and customers become more connected. Meanwhile, skills shortages are forcing fewer engineers to manage greater complexity, which means it’s easy for issues to be missed too.

Some of the biggest cybersecurity threats to manufacturers include:

Supply chain attacks: Cyberattacks often target weak links in the supply chain, infiltrating trusted partners like smaller software suppliers and hardware manufacturers to gain access to a larger manufacturer’s internal systems. This exploitation of trust can have a huge wider impact, compromising customer data and even disrupting hardware operations.

• Operational Technology (OT) vulnerabilities: Hackers have been increasingly targeting Operational Technology (OT), as one of the weakest points in a manufacturing environment. With out-of-date, legacy systems often in place, OT can lack in modern cybersecurity provisions, enabling attacks more easily. This can come with the convergence of Information Technology (IT) and Operational Technology (OT) — when integration is poorly managed, it can lead to a compromise.
• Ransomware: This type of attack is one of the most frequent, often started through tricking employees into clicking links or downloading malware via phishing emails. The employee action enables ransomware to spread through systems, accessing key data and resources and encrypting it, potentially bringing down entire production lines.

The impact of a cybersecurity attack in manufacturing

Cybersecurity has been hitting the headlines a lot in 2025, with numerous large retail and manufacturing businesses falling foul to attacks through supply chain vulnerabilities and ransomware.

Cyber issues aren’t always obviously ‘cyber’. In practical terms, a cyberattack could look like a line that will not restart after a routine firmware update, or a drive behaving unpredictably despite no mechanical change.

The Department for Science, Innovation, and Technology published research recently highlighting the costs of these attacks, which across all firms and sectors, amounted to £14.7 billion in 2024. Within the manufacturing sector, the cost was £330,000 per firm and attack – but this amount can be much higher for the biggest businesses.

In the past year, we’ve seen large manufacturing firms impacted badly, in some of the worst cyberattacks in recent history. While these firms are starting to bounce back, the disruption has highlighted how hackers can exploit vulnerabilities to halt production and sales.

Cyberattacks can undo all your efforts to run your factory reliably, making it impossible to view or manage operations, risking the safety of your production team and even shutting down manufacturing entirely.

In these moments, engineers are normally the first point of contact, expected to fix problems fast even when hidden somewhere between Information Technology (IT) and Operational Technology (OT).

Keeping your smart factory secure

The smart factory offers many benefits, like increased productivity and efficiency, lower operational costs, and greater flexibility so you shouldn’t let the risk of cyberattacks put you off integrating technologies within your factory floor – but you should still take precautions.

1. Keep your systems up to date

Legacy systems that lack modern cybersecurity controls are commonly a weak point, with the proliferation of interconnected devices across production lines, like sensors attached to drives, creating numerous attack entry points.

And when resource constraints force minimal security features to be put in place, these devices act as pivot points for criminals to move laterally through a network, using privilege escalation to access sensitive data, deploy malware, and take production out of your hands.

It may seem obvious, but one of the most effective steps in improving cybersecurity is keeping systems, firmware and software up to date, ensuring known vulnerabilities are addressed before they can be exploited.

2. Monitor your supply chain

While mitigating risk across your supply chain can be much more complex, implementing a zero trust model - where strict identity verification and authorisation is needed for every access request, regardless of user, device, and location - can help. This works on the basis that threats exist inside and outside the network, and only grants the minimum access needed for a specific task, limiting potential damage if awarded incorrectly.

3. Train your employees to be cyber aware

Another small but easy step to increase security is to teach your employees how to spot threats. Cybersecurity training is important for any manufacturer taking threats seriously, showing your staff how to spot phishing scams and vulnerabilities can go a long way in keeping your systems safe.

Cybersecurity at SEW-EURODRIVE

At SEW-EURODRIVE, we take cybersecurity seriously. The central information security management system at SEW-EURODRIVE has been certified to ISO 27001 since 2006 and has been continually recertified since then to ensure it meets the latest requirements.

We’re also complying with multiple cybersecurity laws and directives from the EU and the EEA, namely:

• NIS 2 Directive: Introduction of technical and organisational measures to increase cyber resilience, like risk management and reporting incidents to authorities.
• Radio Equipment Directive (RED): Requires radio equipment to meet lift standards to ensure safety, compatibility with other equipment, and fraud protection for data.
• Machinery Regulation: Replaces the Machinery Directive in 2027 and lays down fundamental requirements for machine manufacturers in terms of functional safety and health protection, and makes security a manufacturer obligation.
• Cyber Resilience Act (CRA): Establishes a minimum level of cybersecurity for all networked products placed on the EU market.
• Data Act: Strengthens the rights of users of networked products and services by setting rules and standards for data sharing within the EU.

We integrate security by design into our solutions and products, and we’re also here to support our customers through secure digital transformation. If you want to learn more about best practices in cybersecurity, our teams are more than happy to pass on their insight.

Our international Cybersecurity Emergency Response Team (CERT) works on security measures continuously, and we encourage our customers to report security vulnerabilities, so our team can take immediate action.

Do you want to work with a drive technology partner that takes cybersecurity seriously? Get in touch with our team.