Cyberattack via Ransomware at Major EMS Provider Foxconn

Estimated reading time: 2 minutes

A recent cyberattack targeting Foxconn has once again exposed the growing vulnerability of global manufacturing and electronics supply chains to ransomware operations. According to CyberScoop, the attack disrupted operations at several of Foxconn’s North American facilities, temporarily forcing some production activities into manual workarounds while systems were restored.

The ransomware group Nitrogen has claimed responsibility for the breach, alleging it stole nearly 8 terabytes of sensitive data tied to some of the world’s largest technology companies, including Apple, Nvidia, Intel, Dell, and Google. The group claims the stolen information includes engineering files, internal business documents, and project data. Foxconn has not confirmed the extent of the alleged theft but acknowledged that certain systems and operations were affected.

The incident reflects a broader and increasingly troubling trend across the manufacturing sector. As reported by Industrial Cyber, ransomware groups are aggressively targeting manufacturers because operational downtime creates immediate financial pressure and supply chain disruption—conditions that can increase the likelihood of ransom payments. For companies like Foxconn, whose factories support some of the world’s largest electronics brands, even short-term disruptions can ripple across multiple industries.

Cybersecurity analysts cited in both reports note that contract manufacturers have become particularly attractive targets because they sit at the intersection of highly interconnected global production networks. A successful attack can affect not only the manufacturer itself, but also OEM customers, suppliers, logistics providers, and downstream production schedules.

The Nitrogen ransomware operation is believed to have links to the broader ALPHV/BlackCat cybercriminal ecosystem, which has been associated with numerous high-profile attacks against critical infrastructure and industrial organizations over the past several years.

This is not Foxconn’s first ransomware incident. Previous attacks in 2020 and 2022 impacted facilities in Mexico, reinforcing concerns that manufacturing companies continue to face persistent cyber threats despite increased investment in cybersecurity defenses.

The latest breach serves as another reminder that cybersecurity is no longer simply an IT issue. For modern manufacturers, it has become a core operational risk directly tied to production continuity, customer confidence, and global supply chain stability.

Sources:
CyberScoop, “Foxconn Cyberattack Disrupts North America Factories”
Industrial Cyber, “Ransomware Attacks on West Pharmaceutical and Foxconn Highlight Growing Cyber Risks to Manufacturing Sector”