As Russia’s war against Ukraine continues, the Kremlin is also waging a hybrid war which has spilled into Europe and beyond, with unconventional forms of “grey zone” attacks posing risks and disruption to both citizens and businesses. Here we’ll discuss how these tactics are affecting manufacturing in the region, and how companies are responding to the ongoing and escalating threat.
Preparedness = Diversification
Manufacturers who are well prepared have begun the process of diversification by systematically mapping their supply chains to identify critical suppliers that may be vulnerable to hybrid threats due to their location, customer base, or digital exposure.
Some companies are complementing this by proactively qualifying and onboarding alternative suppliers, which can enable the rapid substitution of key partners if they are targeted. Another step companies are considering is making contracts with suppliers more adaptable, with clauses that allow for renegotiation in light of disruptions associated with hybrid attacks. Some manufacturers place regular trial orders with backup suppliers who are capable of meeting quality and delivery standards under pressure, to ensure readiness.
In addition to the diversification of suppliers, companies may be looking to building up stockpiles of critical components. Maintaining safety stock at secure locations—in fulfilment centers, local warehouses, or third-party facilities—ensures production can continue even if a supplier is offline or a transport route is blocked. However, on the flip side, companies are having to carefully balance when building up increased inventory against the added costs of storage, potential obsolescence, and capital tied up in unsold goods.
Broader Thinking about Logistics Routes
On the logistics side, forward-thinking manufacturers are taking steps to avoid reliance on a single transport corridor or mode. They might achieve this by securing multiple shipping, rail, or air routes to reach their markets and disperse inventory across regional warehouses or logistics hubs in less exposed areas.
Investing in real-time shipment tracking and adoption of increased technology into supply chains, including artificial intelligence, is another approach companies are considering. This can improve inventory management and allows for the transparency and traceability of supply chains, which in turn allows companies to respond quickly if disruptions occur.
Scenario planning and conducting live exercises simulating the loss of access to certain suppliers or routes enables teams to practice rapid re-routing to alternative locations and refine contingency protocols. Regular communication and information sharing with logistics providers, local industry groups, and authorities further bolsters preparedness and supports early detection of hybrid threats.
Communications and Digital Infrastructure at Risk
Manufacturing companies are vulnerable because their reliance on operational technology (OT) and digital infrastructure closely links day-to-day operations to both cyber and physical domains. From an operational perspective, the increasing digitization of industrial technology means that cyberattacks can trigger significant physical and operational disruptions.
For example, manufacturers often depend heavily on computer-aided design (CAD) files to run production lines. In the event of a ransomware attack, these files could become unusable, leading to major supply chain disruptions. And what makes securing OT difficult is that they often use unique or novel operating systems that make deployment of security or monitoring tools very complicated and more challenging. As a result, heavy OT environments often have many end-of-life (EOL) systems, outdated support, missing patches, etc.
Transport networks face similar risks. In Europe, persistent underinvestment in the digital systems that underpin telecommunications and transport infrastructure has left critical nodes exposed.
This vulnerability is compounded by gaps in civil-military cybersecurity coordination, meaning infrastructure already known to be targeted by malicious actors such as Russia is still largely governed by civilian digital architecture. As a result, ports and rail networks are increasingly under threat.
Over the past five years, most NATO members have reported cyberattacks on port infrastructure, with access control systems and vessel traffic management technologies being particularly sensitive. European rail companies have also recorded multiple cyber incidents attributed to Russian actors, targeting signalling systems, causing widespread delays and severe commercial and supply chain disruptions.
Geopolitical unrest and violence have made it virtually impossible for manufacturers and many other industries to operate by the same rules they did even a decade ago. Leaders need to be alert to the early warning signs—e.g., mass disinformation campaigns, increased cyberattacks, surges in vandalism, and disruptions to critical infrastructure—that instability could impact their production and supply continuity, and work toward greater resilience.
Richard Gardiner is a Senior Analyst on the Strategic Intelligence team of cybersecurity and corporate intelligence firm S-RM.
