Research & Opinion
Biggest Cyber Attacks on Industrial Critical Infrastructure in 2024: A Year in Review

The second quarter of 2024 saw an alarming escalation in cyberattacks targeting the industrial and manufacturing sectors. Publicly confirmed incidents surged to 35, a 16% increase from the 30 reported in Q1. Nearly half of these attacks resulted in the denial of operations, IT systems, or product shipments, severely impacting business continuity.
Key Trends and Statistics
Manufacturing enterprises dominated the list of victims, encompassing industries such as electronics, automotive, agriculture, medical, and construction. Other industrial sectors, including utilities, transportation, pharmaceuticals, and food and beverage, were also targeted. Among the confirmed cases, 51% involved ransomware attacks, a rise from 47% in Q1. Approximately 66% of victims were manufacturing companies, and 57% of these experienced significant data leaks.
Geographically, the United States was the hardest hit, accounting for 26% of incidents. Germany (14%) and Australia (9%) followed, with notable cases in Colombia, Argentina, and Israel. Alarmingly, one company was forced to cease operations entirely due to the impact of a cyberattack.
Notable Cases and Impacts
The quarter’s most devastating incident involved CDK Global, a U.S.-based SaaS provider for automotive dealerships. The ransomware attack disrupted operations at nearly 15,000 dealerships, leading to an estimated $1 billion in direct losses. This highlights a critical issue: the cybersecurity maturity of niche market service providers remains inadequately addressed, posing significant risks to dependent businesses.
ALSO READ : Nominate NOW for FCRF Excellence Awards at FutureCrime Summit 2025
Another troubling case involved LivaNova, a UK-based medical device manufacturer. Hackers compromised sensitive medical and device serial number data, exposing vulnerabilities in IoT devices that rely on serial numbers for encryption keys. The breach underscored the urgent need for improved security in connected medical devices.
Even leading technology companies faced challenges. Dell reported a breach involving customer data from its purchase portal, with 49 million records allegedly exposed. The attacker exploited systemic flaws by registering fake companies to access sensitive data, further demonstrating that even prominent vendors are not immune to cyber risks.
Sector-Specific Incidents
Manufacturing
Manufacturing companies bore the brunt of ransomware attacks. Japanese lens maker Hoya experienced operational disruptions due to a ransomware demand of $10 million, affecting its global divisions. Similarly, Targus, a U.S. manufacturer of computing accessories, faced business interruptions following a breach by the Red Ransomware group.
Swiss electrical firm Swisspro suffered a ransomware attack, resulting in the leak of 700GB of data. France’s Le Slip Français and Germany’s Lemken faced significant operational and data security challenges. U.S. forklift manufacturer Crown Equipment revealed sensitive employee data was exposed, emphasizing the far-reaching consequences of these breaches.
Pharmaceutical and Medical
The pharmaceutical sector also faced notable attacks. Swiss company Octapharma Plasma experienced disruptions across its U.S. plasma donation centers, potentially affecting global plasma supply chains. In Canada, Pharmascience reported a breach but managed to resume operations without severe disruptions. Meanwhile, Israeli pharmaceutical giant Rekah dealt with compromised distribution systems, raising concerns over drug availability.
ALSO READ: Nominate Top Cyber Journalists for FutureCrime Summit 2025 Awards–[Nominate a Journalist]
Utilities and Logistics
Utility companies were not spared, as Tipton Municipal Utilities in the U.S. and Colombian utility Emcali reported cyber incidents disrupting critical services. In logistics, Danish company Skanlog and Argentine firm Ocasa suffered ransomware attacks that temporarily halted operations, demonstrating the vulnerabilities within the supply chain sector.
Emerging Lessons
The rise in attacks highlights systemic gaps in cybersecurity across industrial and manufacturing sectors. While niche vendors and service providers remain vital to business operations, their lack of robust cybersecurity measures continues to expose them and their clients to heightened risks.
Organizations must address these vulnerabilities by investing in comprehensive cybersecurity strategies, including enhanced endpoint protection, improved IoT security practices, and regular risk assessments. Vendors, in particular, must prioritize the security of their infrastructure to safeguard customer and partner data.
As businesses become increasingly interconnected, the cascading effects of cyberattacks can no longer be ignored. The escalation of ransomware and data breaches in Q2 2024 serves as a stark reminder of the urgent need for a collective and proactive approach to cybersecurity.