Cyberattacks on the supply chain double in 2025, reaching an annual global cost of $53.2 billion

Madrid, 5 February 2026. – Cipher, the cybersecurity division of the Prosegur Group, has published Supply Chain Attacks: 2025 Analysis and 2026 Trends, prepared by its x63 Unit, which shows that worldwide attacks on the supply chain doubled in 2025 year on year, reaching an average cost of €4.33 million per incident.

The data confirms that this type of attack has established itself as one of the main cybersecurity threats on a global scale, and as one of the most costly and complex types of breach for organizations to detect and manage.

The analysis, which integrates data from reference sources such as IBM, Verizon DBIR, Sophos, KELA and Sonatype, shows that 22.5% of all security breaches recorded in 2025 involved third parties or vendors, twice as many as in 2024. This trend confirms a structural shift in the tactics of attackers, who prioritize indirect engagement of organizations through their technology dependencies, software providers, cloud services and SaaS integrations.

The Prosegur Group's cybersecurity unit highlights the intensification and diversification of the threat landscape throughout 2025, including particularly high ransomware activity, with some 4,701 incidents recorded globally between January and September. Adding to this pressure is the growing use of the open source ecosystem as an attack vector, with 877,522 malicious packages detected in open source repositories, a trend that reflects the interest of malicious actors in exploiting dependencies widely used by organizations.

This context has had a particularly significant impact on the manufacturing sector, where attacks grew by 61% year-on-year, placing it among the most affected areas along with technology, retail and other highly interconnected critical sectors.

The report also highlights that it takes an average of 254 days for organizations to detect and contain a breach originating in the supply chain, a delay that amplifies its operational, economic and reputational impact. On a global scale, the aggregate cost of this type of attack is estimated at more than $53.2 billion per year.

As David Manzanero Iglesias, head of Cipher's x63 Unit, explains, the digital supply chain has become the new attack perimeter. “Adversaries no longer need to directly breach a large company; they only need to compromise one of their technology providers to scale the impact silently and massively.”

Recent cases in large distribution chains and industrial manufacturers show that these incidents can massively interrupt operations, resulting in production stoppages and millions in lost revenue and market value.

Looking ahead to 2026, Cipher anticipates an intensification of supply chain attacks linked to AI, digital identities and managed services, as well as an evolution of ransomware towards triple extortion models. In this context, the report recommends strengthening third-party risk management, auditing critical integrations, adopting Zero Trust architectures and drastically reducing detection times through advanced managed detection and response systems.