Ransomware in the Fast Lane: Lessons from the Jaguar Land Rover Attack

When ransomware forced Jaguar Land Rover to halt production for six weeks, the impact rippled through global supply chains — from luxury car lines to small suppliers fighting to stay afloat. In this episode, Sherri Davidoff and Matt Durrin examine what happened, why manufacturing has become ransomware’s top target, and what new data from Sophos and Black Kite reveal about the latest attack trends.

They share practical insights on how organizations can strengthen resilience, secure supply chains, and prepare for the next wave of operational ransomware attacks.

Key Takeaways

1. Patch and prioritize. Focus on fixing known exploited vulnerabilities (CISA KEV) and critical flaws before attackers do.

2. Monitor your vendors continuously. Move beyond annual questionnaire—use ongoing, data-driven monitoring to identify risk in your supply chain.

3. Segment IT and OT networks. Strong isolation can contain ransomware and prevent complete production shutdowns.

4. Invest in detection and response. Around-the-clock monitoring (MDR or SOC) can detect early-stage activity before encryption starts.

5. Practice recovery. Test isolation, backup, and restoration processes regularly — and include your leadership team in realistic tabletop exercises.

References & Further Reading
Sophos – State of Ransomware 2025 (June 2025): Sophos – State of Ransomware 2025
Black Kite – Manufacturing TPRM Report 2025: Black Kite – Manufacturing TPRM Report 2025
The Guardian – “Jaguar Land Rover Hack Shuts Factories After Cyberattack”: The Guardian
Reuters – “JLR to Restart Some Manufacturing After Six-Week Shutdown”: Reuters
Dark Reading – Ransomware in Manufacturing: An Escalating Battle: Dark Reading
LMG Security – Ransomware Prevention Best Practices Checklist: LMG Security – Ransomware Prevention Best Practices Checklist

#ransomware #ransomwareattack #cybersecurity #cybercrime #infosec #cybersidechats #lmgsecurity