automotive

UK Manufacturing Cyber Security: Why Ransomware and DDoS Attacks Are Now Operational Risks

viviandufour, , Leave a comment
An industrial automation scene showcasing robotic arms in a factory setting. The image highlights cyber risk with visual indicators for system status, threat activity, and network traffic. Text overlay reads 'Cyber Risk, Real Downtime' emphasizing the impact of software risk on operations.

UK manufacturing is becoming more exposed to cyber disruption as factories rely on connected systems, industrial software, cloud platforms, and third-party suppliers.

Ransomware and denial-of-service attacks are among the most damaging threats. They can stop production, delay shipments, disrupt supply chains, and create direct financial losses.

For manufacturers, cyber risk now reaches far beyond IT systems. It affects uptime, safety, fulfilment, customer commitments, and business continuity.

UK Manufacturers Are Facing a Higher Level of Cyber Disruption

A 2026 ESET survey found that 78% of UK manufacturers experienced a cyber incident in the past year. 

Among affected firms, 95% reported direct business impact, 53% suffered financial loss, 44% faced supply chain disruption, and 39% missed customer or supplier commitments. Some incidents caused losses above £250,000.

Infographic detailing UK manufacturing cyber risk statistics, highlighting that 78% of UK manufacturers experienced a cyber incident in the past year. Additional statistics include 95% reported direct business impact, 53% suffered financial loss, 44% faced supply chain disruption, and some incidents caused losses above £250k. It also notes that 43% of businesses in the wider UK reported a breach or attack.

The wider UK picture is also concerning. The UK government’s Cyber Security Breaches Survey 2025 found that 43% of UK businesses experienced a cyber breach or attack in the previous 12 months. The figure rose to 67% for medium businesses and 74% for large businesses.

Manufacturing is especially exposed because downtime has an immediate cost. A locked system or unavailable application can quickly become a halted line, a missed order, or a broken supplier commitment.

Ransomware Remains the Primary Cyber Threat

Ransomware remains one of the most serious threats to UK organisations. The National Crime Agency describes ransomware deployment as the UK’s greatest cyber serious and organised crime threat, with risks to Critical National Infrastructure and national security.

A ransomware attack usually blocks access to systems or data until a payment is demanded. Modern ransomware campaigns often go further. Attackers may steal data, threaten to publish intellectual property, pressure suppliers, and use public disruption to force negotiations.

This is dangerous for manufacturers because production depends on availability. If planning systems, engineering files, logistics platforms, or connected production environments become unavailable, the impact can move quickly from digital systems into physical operations.

The Jaguar Land Rover cyber incident showed how severe that impact can become. 

Infographic detailing the Jaguar Land Rover cyberattack, highlighting an estimated £1.9 billion financial impact on the UK, affecting over 5,000 organizations, halting production lines for several weeks, and resulting in canceled or delayed supplier orders.

The Cyber Monitoring Centre categorised the 2025 JLR incident as a Category 3 systemic event, estimating a £1.9 billion UK financial impact and effects across more than 5,000 UK organisations. 

Production lines were halted for several weeks, and suppliers faced cancelled or delayed orders. That case underlines the central point: a major cyber incident in manufacturing can become a supply chain event.

DDoS Attacks Can Stop Access to Critical Services

Denial-of-service attacks create disruption by overwhelming websites, applications, or networks. The Information Commissioner’s Office describes a DoS attack as an attempt to stop normal system function by overloading it and creating a virtual “traffic jam.” 

In a distributed denial-of-service attack, the attacker uses many connected devices to flood the target from multiple points.

For manufacturers, DDoS risk is not limited to public websites. It can affect customer portals, supplier platforms, remote access systems, cloud dashboards, and connected industrial services.

UK government data shows denial-of-service attacks affected 15% of large businesses that experienced a cyber breach or attack, compared with 5% of businesses overall.

The practical impact is simple. If key systems are unavailable, production planning slows down, orders cannot be processed, suppliers lose visibility, and internal teams are forced into manual workarounds.

Why Manufacturing Is Especially Vulnerable

Manufacturing has a different risk profile from many office-based sectors.

Many firms still run legacy operational technology alongside newer digital systems. Older systems are often difficult to patch, hard to monitor, and expensive to replace. As IT and OT environments become more connected, weaknesses in one area can create exposure in another.

Manufacturers also depend on complex supplier networks. A vulnerability in a third-party system, open-source component, software update, or connected service can create risk across several organisations.

This makes software supply chain security critical. Modern manufacturing companies often use internal applications, vendor platforms, cloud services, containerised workloads, and open-source libraries. 

Open source software makes up an estimated 80–90% of software application code, which means dependency risk is now part of operational resilience.

Infographic illustrating that 80-90% of application code is open source, highlighting open source dependencies, associated risks including security, availability, and performance risks, as well as the concept of weak dependency and its impact on operational resilience.

Attackers understand this. They do not always need to attack the factory floor directly. They can exploit exposed software, vulnerable dependencies, weak supplier access, or outdated components that sit inside the wider digital environment.

The Preparedness Gap

Many organisations still lack the right level of preparation.

The UK government’s Cyber Security Breaches Survey 2025 found that only 32% of businesses had a business continuity plan covering cyber security. For micro businesses, the figure was 27%.

That gap matters because prevention alone is not enough. Manufacturers need to know what software they use, which components are vulnerable, which systems are exposed, and how quickly they can recover when something goes wrong.

A strong cyber resilience plan should include:

  • Tested backup and recovery processes
  • Network segmentation between IT and OT systems
  • Regular vulnerability assessment
  • Software Bill of Materials visibility
  • Continuous monitoring of open-source components
  • Incident response planning
  • Clear supplier security expectations
  • Developer workflows that catch risks before release

Cyber Essentials, penetration testing, and annual reviews all have value. However, they cannot replace continuous visibility. New vulnerabilities are disclosed every day. A system that was safe last month may be exposed today.

Where Meterian and Cybersecurity Services Fit

Meterian helps organisations reduce software supply chain risk by giving security and engineering teams clearer visibility into open-source dependencies, vulnerable components, and remediation priorities.

Meterian-X provides continuous review of open-source libraries, risk prioritisation, actionable reporting, policy controls, and alerts that help teams fix issues earlier in the software development lifecycle.

For manufacturing businesses, this matters because software now supports production planning, supplier coordination, logistics, customer delivery, connected devices, and internal operations.

Meterian can help teams:

  • Identify vulnerable open-source components
  • Monitor dependencies continuously
  • Prioritise the most urgent risks
  • Generate clear reports for developers and security teams
  • Support governance and compliance workflows
  • Integrate security checks into DevSecOps pipelines
  • Scan application codebases and container images

Meterian’s HEIDI plugin also brings open-source vulnerability detection directly into the IDE. It helps developers catch and resolve vulnerable dependencies during the coding phase, before issues reach production systems.

That early visibility matters. The later a vulnerability is found, the more expensive and disruptive it becomes to fix.

Want to understand where open-source vulnerabilities may be hiding in your software supply chain? Use Meterian to scan your codebase, monitor dependencies continuously, and give your teams clear remediation paths before risk reaches production.

Building Cyber Resilience in UK Manufacturing

UK manufacturers cannot remove every cyber risk. They can reduce exposure, improve visibility, and make disruption less damaging.

That starts with treating software supply chain security as part of operational resilience. Manufacturers need to know which components they rely on, where vulnerabilities exist, and which fixes should come first.

The most resilient organisations will be those that connect security with engineering, operations, procurement, and risk management. Continuous scanning, dependency visibility, and fast remediation should become standard controls for any software-driven manufacturing environment.

Conclusion

Ransomware and DDoS attacks are now serious operational risks for UK manufacturing.

The sector depends on connected software, complex suppliers, and production systems that cannot afford prolonged downtime. Recent incidents show that a cyberattack can stop production, delay orders, expose sensitive data, and affect thousands of connected organisations.

Manufacturers need more than periodic testing and basic compliance. They need continuous visibility across the software systems that support their operations.

Meterian helps manufacturers strengthen that visibility by scanning codebases, monitoring open-source dependencies, prioritising vulnerabilities, and supporting DevSecOps workflows.

UK Manufacturing Cyber Security: Why Ransomware and DDoS Attacks Are Now Operational Risks

Jaguar Land Rover Cyberattack: A Wake-Up Call for Supply Chain Resilience

viviandufour, , , , Leave a comment
3–4 minutes

The automotive giant’s recent cyber breach shows why continuous vulnerability assessment and open-source security are no longer optional.

Earlier this month, Jaguar Land Rover (JLR), the UK’s largest carmaker, was forced to shut down global IT systems after a cyberattack disrupted production across its factories. Plants in Solihull, Halewood, Wolverhampton, and Slovakia were halted. Operations in China, India, and Brazil also felt the ripple effect.

Thousands of employees and suppliers were sent home. Dealers and garages had to switch to manual operations during one of the busiest sales periods of the year: the September license plate registration window.

While no customer data breach has been confirmed, the attack reflects how deeply cybersecurity failures in the supply chain can damage both business operations and national economies. JLR contributes nearly 4% of the UK’s exports.

How the Jaguar Land Rover Attack Happened

The hacking coalition calling itself “Scattered Lapsus$ Hunters” claimed responsibility, posting internal screenshots as proof. Analysts link the group to earlier social engineering campaigns carried out by collectives like Scattered Spider, Lapsus$, and ShinyHunters.

This was not a sophisticated zero-day exploit. It was an attack on trust and resilience. By exploiting weaknesses in IT systems and operational processes, attackers triggered a shutdown that cascaded across JLR’s entire global network.

For an industry where every production hour counts, this was a direct hit to the supply chain.

Why Supply Chain Vulnerabilities Are a Critical Business Risk

The JLR case illustrates the stark reality:

  • Operational Technology (OT) systems are connected to IT systems. A breach in one disrupts the other.
  • Third-party risk is first-party risk. If suppliers or partners are compromised, your own resilience is at stake.
  • Downtime is as damaging as data loss. Even without stolen records, JLR faces millions in lost productivity and missed sales.
  • Open-source software is everywhere. Modern automotive systems depend on open-source libraries and components. Without continuous monitoring, hidden risks can remain undetected until it’s too late.

Where Vulnerability Assessment Makes the Difference

This incident is a powerful reminder of the need for continuous vulnerability assessment and software supply chain security. Key protective measures include:

  • Automated vulnerability scanning across all code, dependencies, and applications
  • SBOM (Software Bill of Materials) to ensure visibility into every open-source component used in critical systems
  • Continuous monitoring for newly disclosed CVEs that could disrupt supply chains
  • DevSecOps integration to ensure remediation is part of the development and deployment pipeline
  • Incident readiness through real-time alerts and automated remediation guidance

How Meterian Helps Build Resilience

Meterian’s platform is built to detect, monitor, and remediate open-source vulnerabilities before they cause widespread damage.

  • BOSS (Business Open Source Sentinel): Provides real-time alerts for newly disclosed vulnerabilities across your software supply chain.
  • Sentinel: Automates vulnerability assessment and integrates into your CI/CD workflows to block unsafe code before it reaches production.
  • SBOM generation and ingestion: Gives you complete visibility into the components your business depends on, simplifying compliance and response.
  • AI-powered continuous monitoring: Ensures you are always ahead of emerging threats—whether in PHP, Java, .NET, or any other stack critical to your business.

Had such systems been in place across JLR and its suppliers, the blast radius of this attack could have been contained, with faster detection and remediation.

Why Open-Source Security Matters

The JLR breach demonstrates a truth we see across industries: open-source security is business security.

When 80–90% of modern applications depend on open-source components, every unpatched library becomes a potential entry point. The cost of ignoring these risks isn’t theoretical. It’s operational paralysis, financial loss, and reputational damage.

Don’t Wait for the Next Breach

The JLR cyber attack is not an isolated incident. It is part of a wider trend of supply chain attacks targeting global industries. The question is not whether open-source vulnerabilities exist in your systems—they do. 

The question is: are you continuously monitoring and remediating them?

Now is the time to take control of your software supply chain.

👉 Learn how to strengthen resilience in our upcoming webinar:
“What’s Open Source Security Got to Do with Resilience of the Supply Chain?”
 📅 September 18, 2025 • 14:00 BST • 15:00 CET • 09:00 ET • 18:30 IST

Register here

Jaguar Land Rover Cyberattack: A Wake-Up Call for Supply Chain Resilience

Meterian Spotlight: A quick look at Honda’s open source software supply chain

viviandufour, , , , , , Leave a comment
Photo of front view of white honda car with headlights on at dusk
Photo by Douglas Bagg on Unsplash

Earlier this month, Honda announced it has suffered a cyber attack on its network.  It was affecting its operations around the world: their manufacturing plants have shut down, customer service work has been forced to stop, and their internal communication systems were affected.  Additionally, systems outside of Japan were affected due to a “virus” that spread through the network.  No further details on the root cause of the attack yet, but at Meterian we have done a quick surface scan of their websites honda.com and www.honda.co.uk.  Similar issues were found on both.  We’ll focus our blog post on Honda UK’s site.

From the summary report above, we see their website’s security scored 0 From the summary report above, we see their website’s security scored 0 out of 100 because it has 19 vulnerabilities, including jquery 1.4.2 which is vulnerable and outdated.  Honda.co.uk’s basic cybersecurity hygiene could be improved by making sure to not launch the website with vulnerable and old components — jquery 1.4.2 is from 2010.  Similar issues were found after analysing honda.com.

Although we don’t know if these two components’ weaknesses contributed to the hack of Honda’s systems, while investigations are private, we know every software application is part of a company’s digital estate.  Altogether, front end systems (like websites and mobile apps) and back end systems (like databases, servers, APIs that store or access a company’s customer data, intellectual property — the real business logic of the services) make up the digital estate.  Any security hole is a vulnerable entry point for cyber criminals to exploit and gain unauthorized access to information or systems to cause damage.  Last year in 2019, over 40GB of Honda’s data were breached, exposing details about internal systems and devices on their network. Cyber criminals have strategically targeted Honda again.  

There are many strategies to build up an organization’s cyber resilience, including cybersecurity cultural awareness among employees and operational and software development best practices.  Meterian helps customers reduce the time to detect, mitigate and resolve issues in applications’ software supply chain. These known vulnerabilities are easy to fix with Meterian because:

1. Safe coding practices can be easily adopted into the software development lifecycle  

2. Automated controls fit directly into the software development workflow for continuous monitoring

3. Meterian can be set up to run continuously and prevent such vulnerabilities from going live 

Most importantly, developers are empowered to recognise and address the issue early with information at their fingertips.  As stewards of software, they can automatically cyber-proof their apps with Meterian so the business can run continuously and avert giving unwanted prying eyes unauthorized access to systems and data.

To this day, Equifax’s mistake for not fixing a known security hole in its software application’s open source component still has consequences since the 2017 mega breach they suffered.  See TechRadar’s lackluster review of Equifax’s identity theft protection service, which they did not include in their article “Best identity theft protection for 2020.”   

Good practices in cybersecurity can help protect a company’s reputation and growth.  As we’ve also seen following the EasyJet hack incident revealed in May, business productivity and customer satisfaction can be adversely affected due to any cyber hack incident.  You can read our recent analysis on easyjet.com’s website.  

To see if your own public assets have open source vulnerabilities that anyone could find out about (and exploit to enter your systems), try our webscanner or project scanner.

Meterian Spotlight: A quick look at Honda’s open source software supply chain

The Automotive Industry: Cyber Hacks. A Growing Threat.

viviandufour, , , , , Leave a comment

5min read

The inside of a car, looking out into the motorway.
https://unsplash.com/photos/MyjVReZ5GLQ

There is no question that the automotive industry is one undergoing constant innovation and digital transformation. Nowadays, people expect to stay connected when commuting in their vehicles at all times and locations. Modern cars will have built-in navigation systems, Wi-Fi access, as well as in-vehicle infotainment systems (a combination of entertainment and information delivery to drivers). Alas, with the rise of new technologies, comes the rise of new hacks and gateways for cyber criminals to penetrate car systems. 

Yet, it is also true that these cyberattacks are not just occurring out of new technologies, there is still clearly a lack of scrutiny over vulnerable open-source components within a company’s software code. This is confirmed by a 2019 survey by Synopsys and SAE International on current cybersecurity practices which found 62% of professionals interviewed believe malicious attacks on software and open source components are bound to occur in 2020 within the automotive industry. Clearly, these security holes are major contributors as to why malicious actors have been so successful in penetrating systems and networks. 

This article intends to enlighten readers on the problems which certain hacks can cause to the automotive industry and its customers, as well as insight into ways this industry could prevent future exploits as part of their digital transformation. 

What can go wrong?

Cyberattacks to the automotive industry can have health, financial and reputational consequences. Take the examples below:

  1. A scary reality is if the hackers access the brakes or steering wheel. We have already seen an example of this in April 2019, where a hacker broke into two GPS tracking apps (ProTrack and iTrack). This resulted in access to personal data, the monitoring of the vehicle location and the ability to stop the engine altogether. This type of hack could cause serious accidents and therefore threatens the health and safety of the passenger.
  1. Automakers also have to take care of cybersecurity within their designs or else they could suffer severe financial repercussions. For example, a global automaker recalled around 1.4 million cars in 2015 due to cybersecurity risks, resulting in the potential cost of the OEM (Original Equipment Manufacturer) of nearly $600 million. The impact here is not only financial loss, but the automaker loses a certain amount of credibility as a provider, further damaging their business.
  1. Losing control of a web or mobile app also has its downfalls. Ransomware attacks or data breaches could expose a lot of sensitive data, as well as stop systems from running. As automotive companies compile a significant amount of this customer data, they become a plausible target for hackers. For example, in April 2019, Toyota announced a breach had exposed the data of up to 3.1 million customers. This disrupts the business, causes financial problems and most certainly diminishes the reputation of the company. Additionally, the leaking of software IP can also be damaging to a business, as it can give information to hackers for future exploits.

Cybersecurity is like a seatbelt

A driver with a seatbelt.
https://unsplash.com/photos/stLYAO8Vx1E

Until 1966, cars were often made without seat belts. But now, it would never cross the mind of any manufacturer to not include seatbelts in the design of a car, as it would be a major risk to the health and safety of the passenger. Here we can make a parallel with cybersecurity. In the same way there is a blatant risk of not wearing a seatbelt due to the possibility of a car accident, there is also a major risk of letting software-driven devices run without having secured their entire software supply chain to de-risk the possibility of a cyber attack via a vulnerable software component.  Everyone should wear a seatbelt in a car, so why does the automotive industry not treat cybersecurity with the same mentality? 

It is suggested the automotive industry lacks a standard approach for dealing with cybersecurity. This problem can stem from the relationship between OEMs and suppliers. Currently, contractual arrangements often do not allow OEMs to test the end-to-end cybersecurity of a vehicle platform made up of parts from different suppliers. Subsequently, this makes it hard to achieve strong cyber security when automotive software is developed and tested. 

Businesses within the car industry, may feel that they haven’t got the time to focus on cybersecurity. Too many companies will not feel the urgency until they have experienced a cyber attack themselves. For that reason, there seems to be a shortage in cybersecurity professionals globally. A Cybersecurity Workforce study has interviewed over 3200 security professionals around the world and found that the number of unfilled positions has risen from 2.93 million in 2018 to 4.07million in November 2019.

How to improve cybersecurity in a constantly evolving industry?

For manufacturers and suppliers in the automotive industry, there is a need to prioritise cybersecurity as part of the automobile’s e-safety. Collaborators in the automobile value chain must take into consideration the digital life cycle of the vehicle’s software as part of the vehicle’s holistic life cycle. Therefore producers of intelligent cars (or their electronic subcomponents) powered with software must include these 4 pillars:

  1. A good baseline: understanding the relevant legislation in the OEM markets and making sure to uphold all the existing cybersecurity standards involved. This will help all parties deliver secure software.
  1. Enforce a security-by-design culture within the engineering process. This should focus on secure development practices, software testing and new supplier-audit processes that include cybersecurity issues. Here there should also be testing or evaluating the components within code, to check for vulnerabilities.
  1. Monitor the cybersecurity of cars on the road. This means having a clear view of a vehicle’s configuration and setting up a security operations center for cars. Here the center could use correlation and artificial intelligence to detect adverse events and respond efficiently. The use of new technologies adds to how the industry needs to digitally transform to address cybersecurity effectively.
  1. Ensure software updates to vehicles pass security and safety tests. This should be run by the OEM through a software-engineering approach. This shows automakers are testing and securing changes to the vehicle as part of their continuous maintenance.
A car in a factory, being constructed by machines.
https://unsplash.com/photos/jHZ70nRk7Ns

For other business providers working within the automotive industry it is also important to adapt to changing technologies so that your cybersecurity is up to date. For example, there are many companies now promoting different ways to own a car through web and mobile apps and shared-platforms such as Turo, Drover or Avis. Here criminals could target the business because of the abundance of sensitive customer data. This could be supported when Verizon’s Data Breach Investigation report saw 60% of the time, web apps are the unlocked doors that hackers use to access user data or bring your business to a stand still. These are some tips to protect your apps:

  1. Make sure to secure vulnerabilities within your business code – more than 40% of cyberattacks originate in software servers, vehicle mobile apps and the infotainment system combined. Addressing software vulnerabilities should be a consistent practice as they are discovered daily and hackers exploit them automatically using bots and programs. The scale of vulnerabilities which a company could obtain over time is seen through the example of Uber who have 1,345 resolved bug reports and have paid out over $2.3 million. To understand the scale, Uber has received up to 111 bug reports in the past 90 days.
  1. Implement a cyber resilient culture within your business. To go through digital transformation, companies need to adapt to the growing sophistication of cyber criminals. This means there needs to be qualified teams with expertise ready and prepared to respond to malicious actors. Clearly this is something which needs to be implemented with more rigour in the automotive industry, as FleetNews’ recent survey of 500 businesses in the sector found that 65% did not have a cyber security team. 
  1. Look into the future. When investing in new technologies, understand how this will impact your business models, operational processes and the user experience. Successful transformations also depend on how firms manage digital transformation process through leadership and governance (not solely its implementation). If businesses don’t keep up with evolving technologies, how will they be able to keep up with the growing sophistication of hackers? Research by Accenture has highlighted the advantage which digital transformation provides to companies: early innovators are 67% more likely to outperform compared to 18% for market share protectors.

Let Meterian be your seat belt

Meterian can automatically inventory your open source components and analyse them to check if they are up-to-date or have any publicly disclosed security and licence risks. Get started on building a proactive defence for your customer data and software IP as your business goes through digital transformation. Try our FREE web scanner today to get a preview of what kind of potential vulnerabilities are in your website.  We can provide more in-depth analyses for all your software code bases. Get in touch today.

The Automotive Industry: Cyber Hacks. A Growing Threat.