When hackers cut through the open path: inside the 95 million euro per day crisis at Jaguar Land Rover

23. septembra 2025

The halt of global production at Jaguar Land Rover due to a cyberattack reveals an uncomfortable truth about modern industry. When hackers can paralyze assembly lines from Britain to Slovakia with just a few keyboard clicks, it testifies to a fundamental shift in industrial vulnerability.

Let's look at the mathematics of disruption. JLR achieves annual revenues of approximately 35 billion euros – representing around 95 million euros daily. However, managers are painfully discovering that when production stops in a "just-in-time" environment, this money won't wait for you. Irreplaceable production slots cause a domino effect across suppliers, transport schedules, and dealer inventory stocks. Revenue simply disappears.

This isn't just a problem for the United Kingdom, where JLR accounts for 4% of total goods exports. It's equally serious for Slovakia. The plant in Nitra, which produces Discovery and Defender models, ranks among the jewels of foreign investment in Central Europe. In a country where the automotive industry provides more than a tenth of GDP and supports 200,000 jobs, a cyberattack thousands of kilometers away immediately transforms into an urgent domestic crisis.

The attackers – whether they call themselves Hellcat, Scattered Lapsus$ Hunters, or something entirely different – have revealed a reality that the industry has been unwilling to acknowledge until now. The clean separation between digital systems and physical production lines is an illusion. When IT infrastructure gets hacked, robots stop functioning, conveyor belts halt, and the carefully choreographed ballet of modern industry collapses. All of this happening precisely in September, when dealers are feverishly clearing warehouses and trying to meet quarterly targets.

It's no wonder that manufacturing has become an irresistible target for cybercriminals. Downtime costs are astronomical, supply chains are stretched so tight that every outage immediately spreads further, and brand damage grows hour by hour. Management boards, which until recently viewed cybersecurity as a technical issue on the IT department's periphery, today recognize that it must be at the core of corporate strategy.

Old approaches – checking off ISO 27001 compliance boxes, annual penetration tests, firewall patches – seem almost nostalgically retroactive. Real resilience requires more radical solutions. Organizations must have continuous oversight of every corner of their IT and OT networks. They need to transition from a "castle and moat" model to zero-trust architecture, which assumes from the start that defenses will be breached. Within such timeframes, they must begin implementing post-quantum cryptography before quantum computers completely invalidate today's encryption methods. And perhaps most importantly – they must know how to restore operations from clean backups without accidentally restoring the malicious code that originally knocked them out.

The Jaguar Land Rover episode destroys the last illusions that cyber risks are separate from business risks. When a single attack can erase 100 million euros from daily revenue, it represents an existential threat to large industrial enterprises. For the United Kingdom of Great Britain and Northern Ireland and Slovakia, economies heavily dependent on automotive manufacturing, the lesson is clear. Today's most modern factories in the world, full of cutting-edge robotics and automation, can be brought down by an ordinary computer virus. This is the new face of industry in the digital era. It's not a question of whether another attack will come, but when companies and countries will be prepared when it happens.

Source: Michalko, Matej. “Keď hackeri pretnú otvorenú cestu: vo vnútri krízy za 95 miliónov eur denne v Jaguar Land Rover.” DefenceNews.sk, September 22, 2025. https://www.defencenews.sk/kyberbezpecnost/clanok/766426-ked-hackeri-pretnu-otvorenu-cestu-vo-vnutri-krizy-za-95-milionov-eur-denne-v-jaguar-land-rover/. 

8. júla 2026
On July 17, 2026, the deadline will expire by which central state administration bodies must, for the first time, identify critical entities under Act No. 367/2024 Coll. on Critical Infrastructure. This will be the first identification process following the approval of the Strategy for the Resilience of Critical Entities, and at the same time a significant milestone in the implementation of a new system for the protection of critical infrastructure in Slovakia.
8. júla 2026
Už 17. júla 2026 uplynie lehota, do ktorej majú ústredné orgány štátnej správy po prvýkrát identifikovať kritické subjekty podľa zákona č. 367/2024 Z. z. o kritickej infraštruktúre. Pôjde o prvú identifikáciu po schválení Stratégie odolnosti kritických subjektov a zároveň o významný míľnik pri zavádzaní nového systému ochrany kritickej infraštruktúry na Slovensku.
6. júla 2026
We continue our series of expert articles dedicated to the individual sectors of critical infrastructure under Act No. 367/2024 Coll. on Critical Infrastructure. Today we take a closer look at the public administration sector. 
6. júla 2026
Pokračujeme v sérii odborných článkov, venovaných jednotlivým sektorom kritickej infraštruktúry podľa zákona č. 367/2024 Z. z. o kritickej infraštruktúre. Dnes sa pozrieme na sektor verejnej správy.
3. júla 2026
Another article in the series in which we present the essential services of critical infrastructure under Act No. 367/2024 Coll. on Critical Infrastructure. 
3. júla 2026
Ďalší článok zo série, v ktorej predstavujeme základné služby kritickej infraštruktúry podľa zákona č. 367/2024 Z. z. o kritickej infraštruktúre.
30. júna 2026
The strategic partnership between the Critical Infrastructure Association of the Slovak Republic and the Indian government organization Centre for Development of Telematics (C-DOT) has generated significant media attention in India as well. The topic of cooperation in quantum technologies, digital security, and critical infrastructure protection has appeared in several Indian media outlets and on professional platforms.
30. júna 2026
Strategické partnerstvo medzi Asociáciou kritickej infraštruktúry Slovenskej republiky a indickou vládnou organizáciou Centre for Development of Telematics (C-DOT) vyvolalo výrazný mediálny ohlas aj v Indii. Téma spolupráce v oblasti kvantových technológií, digitálnej bezpečnosti a ochrany kritickej infraštruktúry sa objavila vo viacerých indických médiách a na odborných platformách.
25. júna 2026
The Slovak Republic and the Republic of India are expanding cooperation in the field of digital security and advanced cryptographic technologies. On the occasion of the visit of the Prime Minister of the Republic of India, Narendra Modi, to Slovakia, the Critical Infrastructure Association of the Slovak Republic (AKI SR) and the Indian government organization Centre for Development of Telematics (C-DOT) signed a Memorandum of Understanding, which establishes a foundation for the joint development and implementation of quantum-safe technologies and the protection of critical infrastructure.
25. júna 2026
Slovenská republika a Indická republika rozširujú spoluprácu v oblasti digitálnej bezpečnosti a pokročilých kryptografických technológií. Asociácia kritickej infraštruktúry Slovenskej republiky (AKI SR) a indická vládna organizácia Centre for Development of Telematics (C-DOT) podpísali pri príležitosti návštevy predsedu vlády Indickej republiky Narendru Modiho na Slovensku Memorandum o porozumení, ktoré vytvára základ pre spoločný vývoj a implementáciu kvantovo bezpečných technológií a ochranu kritickej infraštruktúry.