India’s Factory Floors Under Siege: Manufacturing Becomes the New Cyber Battleground

Back-to-Back Breaches Expose Industrial Vulnerabilities
Two ransomware and data breach incidents struck major Indian manufacturers within 24 hours of each other in late June 2025, placing the cybersecurity of the country’s factory floors under sharp scrutiny. Bajaj Auto and one of its subsidiaries reported a ransomware attack affecting parts of their IT systems on June 23, while Tata Electronics disclosed a separate cyber breach a day earlier. Both companies confirmed they activated incident response protocols and moved to contain the damage — though the downstream consequences may prove harder to contain.
The incidents are not isolated. They reflect a structural shift in the threat landscape: cyberattacks on industrial infrastructure are accelerating precisely as manufacturers invest in automation, connected factory systems and AI-driven operations. The attack surface expands with every new sensor, every cloud-linked machine, every remote access point opened in the name of operational efficiency.
Manufacturing: The Most Targeted Sector
The data is unambiguous. According to Kaspersky’s Industrial Control Systems Threat Landscape report for Q1 2026, manufacturing was the only major industry globally where the share of attacked industrial control systems increased during the period. Southeast Asia recorded the highest concentration of such attacks. For a region positioning itself as the world’s next manufacturing hub, that is a sobering finding.
Vikash Yadav, head of enterprise for India at Kaspersky, identified the core vulnerability plainly. “Threat actors are increasingly targeting internet-facing operational technology at remote sites,” he said. “As factories become more connected, they present a larger attack surface for ransomware groups, advanced persistent threat actors and supply-chain attackers exploiting smaller vendors.” The threat is not merely technical. It is architectural — built into the logic of digital industrial transformation itself.
Legacy Systems and the IT-OT Divide
On the shop floor, the problem compounds. Debashish Roy, chief digital and technology officer at CEAT, pointed to a fundamental design flaw embedded in much of India’s industrial base. Many shop floors still rely on legacy equipment that was never engineered with cybersecurity in mind — machinery that predates networked computing, now grafted into connected environments for which it was never intended.
“Companies need stronger separation between IT and operational technology networks while using AI at the edge so innovation does not come at the cost of security,” Roy said. The stakes are not merely financial. Attacks on production systems can halt manufacturing lines, compromise worker safety and rupture business continuity across entire supply chains. The IT-OT convergence that drives productivity gains simultaneously dissolves the air gaps that once kept operational systems insulated from external threats.
India’s CERT-In has responded by urging organisations to strengthen vulnerability management, enforce network segmentation, implement multi-factor authentication and sustain continuous monitoring — particularly as AI tools lower the technical barrier for sophisticated attacks.
The IP Leak Problem and the China-Plus-One Calculus
The Tata Electronics breach carries implications that reach well beyond production losses. Reuters reported that the incident at Tata’s Hosur facility allegedly exposed confidential information belonging to Apple and Tesla, including component specifications and images of unreleased Apple products. Both companies stated that operations remained unaffected. The reputational arithmetic, however, is less straightforward.
India’s manufacturing ambitions rest substantially on the China-plus-one strategy — the global corporate pivot away from single-source dependency on Chinese production. Attracting that investment requires more than competitive labour costs and government incentives. It demands demonstrable protection of intellectual property. Srinivas L, joint CEO of 63SATS Cybertech, articulated the risk with precision: “If India acquires a reputation for IP leaks, it could erode the trust that underpins the China-plus-one opportunity.”
He called for sector-specific cybersecurity guidelines and stronger mandatory incident reporting through CERT-In as foundational steps toward systemic resilience. The regulatory architecture, in other words, must evolve at the same pace as the threat environment — and currently, it does not.
A Business Risk, Not an IT Problem
The back-to-back attacks on Bajaj Auto and Tata Electronics crystallise a shift in how industrial cybersecurity must be understood. This is no longer a matter of patching servers or updating antivirus definitions. It is a strategic business risk, embedded in supply chains, trade relationships and national economic positioning. India’s factory floors are becoming more sophisticated. So are the actors targeting them.





