This week, the Made Smarter North West team hosted manufacturers and students at the Imperial War Museum for a cyber security awareness event called Hack Attack.
Led by Simon Gurney from Punk Security, a cyber security consultancy specialising in penetration testing and broader security services, the event took attendees through the stages of a hack and discussed easy steps that companies can take to protect their business.
Punk Security were also joined by Niomie Haynes, cyber resilience manager for the North West Cyber Resilience Centre (NWCRC). The NWCRC is the North West branch of a national police-led initiative collaborating with police forces to spread awareness of cyber crime and provide cyber services to SMEs to help support their resilience.
The Attack
Attendees at the event were walked through a scenario where hacker ‘Alice’ targeted a manufacturing company, stole access credentials to their system and then sold them on the dark web for another hacker to use.
Over the course of the session, we learned how she did this, who she might target and how best manufacturers can protect themselves from it.
Here are some of the key takeaways from the session:
1. Hacking is time consuming, but AI is making it quicker and easier.
During this scenario, our hacker “Alice” takes a patient and methodical approach. She begins by reviewing publicly available information from sources such as LinkedIn, Facebook, and the company website to understand the business, identify key individuals, and decide who to target. Once a target is selected, she launches a campaign of emails and even phone calls, designed to build trust and trick the individual into revealing their login credentials. Traditionally, this level of preparation could take days or even weeks to plan and execute. However, with the rise of AI-powered tools, this process is now significantly faster, reducing preparation time from weeks to minutes. This means cyber criminals can scale their efforts and increasingly target smaller businesses, including SME manufacturers, who may previously have been overlooked.
2. What to Look for in a Phishing Email
Phishing emails remain one of the most common and effective ways cyber criminals gain access to business systems—particularly within supply chains and SME networks like those supported by Made Smarter. These emails are designed to appear legitimate, often mimicking trusted organisations such as banks, suppliers, or delivery partners.
In a manufacturing context, the impact can be significant—ranging from fraudulent invoice payments to compromised operational systems. Being able to recognise the warning signs is a critical first line of defence. So, what should you look out for?
a. Email address: Check the sender’s address carefully. Does it match the organisation it claims to be from? Look for subtle differences (e.g. extra characters, misspellings, or unusual domains) that may indicate it’s not genuine.
b. Spelling and grammar: Many phishing emails contain noticeable spelling mistakes or awkward phrasing. While not always the case, poor language can be a strong indicator that the email is not from a professional or trusted source.
c. Suspicious or unusual requests: Be cautious if the email asks you to:
i. Pay an unexpected invoice
ii. Change bank details
iii. Purchase gift cards
iv. Review or approve something outside your normal responsibilities
Phishing emails often create a false sense of urgency, encouraging quick action without proper checks—something that can be particularly risky in fast-paced operational environments.
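The sender-address, unusual-request and urgency checks above can be partly automated when triaging reported emails. The following is an added example, not part of the original article or the speakers' tooling; the trusted domain list, keyword lists and sample message are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains this business genuinely deals with (constructed values).
TRUSTED_DOMAINS = {"example-supplier.co.uk", "examplebank.com"}
# Request types the article lists as suspicious, plus common urgency wording.
REQUEST_TERMS = ("invoice", "bank details", "gift card", "approve")
URGENCY_TERMS = ("urgent", "immediately", "today", "asap")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss (lookalike) domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def phishing_indicators(raw_email: str) -> list:
    """Return the warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw_email)
    _, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    body = "" if msg.is_multipart() else msg.get_payload()
    text = (msg.get("Subject", "") + " " + body).lower()

    findings = []
    if domain not in TRUSTED_DOMAINS:
        # One or two character edits away from a trusted domain is a lookalike.
        near = [t for t in TRUSTED_DOMAINS if edit_distance(domain, t) <= 2]
        if near:
            findings.append(f"lookalike sender domain: {domain} ~ {near[0]}")
        else:
            findings.append(f"unknown sender domain: {domain}")
    findings += [f"unusual request: {t}" for t in REQUEST_TERMS if t in text]
    if any(t in text for t in URGENCY_TERMS):
        findings.append("urgency wording")
    return findings


# Constructed sample: one extra character in the supplier's domain.
SAMPLE = (
    "From: Accounts <accounts@example-suppliier.co.uk>\n"
    "Subject: Urgent: updated bank details\n\n"
    "Please pay the attached invoice today using our new bank details.\n"
)
```

A message with no findings is not proof that it is genuine; the output is a prompt for the manual checks listed above.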
3. It might not be the original hacker that is holding you to ransom.
Cyber incidents aren’t always carried out by a single individual. In many cases, attackers work within a wider criminal ecosystem.
Our hacker may not intend to use your information directly. Instead, they could be collecting login details or access to systems and then selling that access on to other criminals. These buyers may then carry out the more visible attack, such as deploying ransomware or stealing sensitive business data.
This means that even a small slip, like entering your password into a fake login page, can have delayed but serious consequences.
What should you do if you suspect a breach?
- Act immediately - don’t wait to “see what happens”
- Change your password (and any similar passwords used elsewhere)
- Report it to your IT team or provider straight away
- Enable additional protections such as multi-factor authentication if not already in place
Taking fast action can significantly reduce the risk of a minor incident escalating into a major disruption—such as operational downtime, financial loss, or reputational damage.
4. Protecting your business is easier than you think.
A point raised by both speakers was that protecting your business isn’t complicated and shouldn’t be something that is put off. A great deal of the risk can be mitigated by training your team on the dangers and having strict policies and response plans in place.
Having a culture of cyber awareness in your business can help prevent attacks.
Simple steps include:
- Using strong passwords (and not reusing them)
- Turning on multi-factor authentication (MFA)
- Training your team to spot phishing emails
- Keeping systems updated
- Backing up your data regularly
- Limiting access to systems. Only give people access to what they need
- Having a simple response plan
5. Support is available
Securing your business against cyber attacks might seem daunting, but there is a wide range of support available to help you get started. The North West Cyber Resilience Centre (NWCRC) offers free support to SMEs, including education, testing, and training, delivered by a trusted team of professionals, seconded police officers, and ethical hacking students from local universities.
Punk Security supports businesses by providing practical, hands-on cyber security testing and assurance. They specialise in identifying vulnerabilities before attackers do, helping SMEs understand where their risks are and how to address them. Their services include security reviews and advice for compliance and best practice, helping organisations align with recognised standards such as Cyber Essentials.
Alongside this, Made Smarter can support manufacturers by embedding cyber resilience into their wider digital transformation journey.