On May 14, 2025, Nucor Corporation, the largest steel producer in North America, experienced a cybersecurity incident, which forced the company to halt production at several of its facilities. This event is a stark reminder that cyber threats are a real and growing risk for the steel and manufacturing sectors-not just for banks or tech firms. Here’s what happened, why it matters, and what every manufacturing company should do to protect itself.
What Happened at Nucor?
Nucor, based in Charlotte, North Carolina, detected unauthorized third-party access to some of its computer systems. In response, the company quickly took affected systems offline and temporarily shut down certain production operations as a precaution. The breach impacted facilities across the U.S., Mexico, and Canada, though Nucor has not disclosed specific locations or products affected15.
The company, which employs over 32,000 people and reported $7.83 billion in revenue in the first quarter of 2025, is working with external cybersecurity experts and federal law enforcement to investigate the incident56. While production has begun restarting, the full scope of the disruption-including potential delays to customer orders or supply chain impacts-remains unclear.
“Upon detecting the incident, the Company began promptly taking steps to contain and respond to the incident, including activating its incident response plan, proactively taking potentially affected systems offline and implementing other containment, remediation, or recovery measures.”
– Nucor SEC Filing110
Nucor has not confirmed whether data was stolen or if ransomware was involved. However, the incident mirrors recent attacks on critical infrastructure, such as the 2021 Colonial Pipeline ransomware attack, which caused widespread fuel shortages and panic buying12. For steel manufacturers, even a temporary shutdown can ripple through industries like construction, automotive, and infrastructure development.
Why This Matters for Steel and Manufacturing Companies
The Nucor incident is not an isolated case. According to IBM’s X-Force 2025 threat intelligence report, manufacturing has been the most targeted industry for cyberattacks for four years running45. Hackers often exploit outdated technology and weak security practices common in factories. When a cyberattack hits, the cost can be huge: lost production, delayed shipments, damaged reputation, and even potential safety risks.
Steel and manufacturing companies are especially vulnerable because:
- Legacy Systems: Many facilities rely on older equipment not designed for today’s cyber threats.
- Interconnected Operations: Production lines depend on both IT (office systems) and OT (factory-floor machines), creating more entry points for hackers.
- Supply Chain Pressures: A single day of downtime can disrupt contracts with builders, automakers, and infrastructure projects.
- National Security Risks: Steel is critical for defense, transportation, and energy sectors, making it a high-value target for foreign hackers.
The financial stakes are enormous. For example, the 2021 Colonial Pipeline attack cost the company $4.4 million in ransom payments and led to gas price spikes nationwide12. While Nucor has not disclosed costs, its stock price dipped 2% in early trading following the announcement11.
What Can Companies Do? Simple Cybersecurity Best Practices
While cybersecurity can seem overwhelming, there are straightforward steps every steel and manufacturing company can take to reduce their risk. Here’s how to start:
1. Keep Software and Systems Updated
Many factories use decades-old machines that cannot be patched. For these systems, isolate them from the internet and monitor them closely. For newer equipment, install updates during scheduled maintenance windows. Even basic steps like changing default passwords on factory robots or sensors can prevent easy access for hackers45.
2. Control Access to Critical Systems
Limit who can log into production computers. For example, only maintenance supervisors-not all floor workers-should have access to systems controlling furnace temperatures. Use strong, unique passwords and add two-step verification for remote access. Nucor’s incident shows that unauthorized third parties can exploit weak login controls110.
3. Train Employees to Spot Red Flags
Most cyberattacks start with a phishing email or fraudulent phone call. Teach staff to:
- Avoid clicking links in unexpected messages (e.g., “Urgent Invoice Payment Required”).
- Verify requests for sensitive data by contacting the sender directly.
- Report suspicious activity immediately.
Regular training sessions, even 15-minute monthly refreshers, can significantly reduce risks12.
4. Back Up Data and Test Recovery Plans
Store backups of production schedules, inventory lists, and machine blueprints offline. If hackers lock your systems, backups allow you to restart operations without paying a ransom. Practice restoring data annually to ensure the process works12.
5. Prepare an Incident Response Plan
Nucor’s quick shutdown of affected systems likely limited the damage. Every company should have a written plan that includes:
- Who to contact (e.g., IT team, law enforcement, customers).
- Steps to isolate compromised machines.
- A communications strategy for employees and stakeholders.
Conduct drills twice a year to ensure everyone knows their role15.
6. Work with Cybersecurity Experts
Most small-to-midsize manufacturers lack in-house IT teams. Partner with cybersecurity firms to:
- Scan networks for vulnerabilities.
- Set up firewalls and intrusion detection systems.
- Monitor for suspicious activity 24/7.
The cost of prevention is far lower than the cost of downtime.
7. Audit Third-Party Vendors
Hackers often target weaker vendors to reach larger companies. Require contractors and suppliers to meet basic security standards, such as using encrypted file sharing and multi-factor authentication4.
Key Takeaways for the Steel Industry
The Nucor cyberattack is a wake-up call for manufacturers:
- No One Is Immune: Even industry leaders with robust resources can be hit.
- Basic Steps Make a Difference: Updating software, training staff, and backing up data are low-cost ways to deter hackers.
- Preparation Is Critical: Having a response plan can minimize downtime and reputational harm.
“Hackers have targeted the manufacturing industry more than any other for four years in a row… with attackers exploiting outdated legacy technology that is prevalent in the industry.”
– IBM X-Force 2025 Report 4
Conclusion: Act Now-Before the Next Attack
The Nucor incident underscores a harsh reality: Cyberattacks on manufacturers are not a matter of if but when. For an industry already grappling with supply chain snarls and economic uncertainty, a cyber breach could be catastrophic.
Here’s what every steel and manufacturing leader should do today:
- Assess Risks: Identify critical systems (e.g., blast furnace controls, shipping schedules) and prioritize their protection.
- Invest in Training: Empower employees to become the first line of defense against phishing and social engineering.
- Build Partnerships: Collaborate with cybersecurity experts and industry groups to share threat intelligence.
Additional Resources: Government Cybersecurity Websites for Manufacturers
For steel and manufacturing businesses looking to strengthen their cybersecurity, several trusted government agencies offer free, practical resources tailored to the sector. These sites provide guides, checklists, assessment tools, and up-to-date information on threats and best practices. Here are some of the most valuable resources to help your company get started or improve your cybersecurity program:
- NIST Cybersecurity Resources for Manufacturers:
The National Institute of Standards and Technology (NIST) offers a comprehensive hub with practical guidance, self-assessment tools, and training specifically for manufacturers. The Manufacturing Extension Partnership (MEP) network can also help you evaluate your current risk and implement cost-effective solutions18. - CISA Critical Manufacturing Sector Resources:
The Cybersecurity and Infrastructure Security Agency (CISA) provides a wide range of resources for critical manufacturing, including sector-specific cybersecurity frameworks, threat alerts, and implementation guides. Their site is a go-to for understanding risks and building resilience in manufacturing operations23. - Department of Defense (DoD) Cybersecurity Resources:
The DoD Office of Small Business Programs maintains a platform with tools, training, and compliance guides aimed at helping businesses-especially those in the supply chain-meet cybersecurity requirements and stay protected4. - Industry Standards and Compliance Information:
NIST also provides guidance on regulatory requirements for manufacturers, including DFARS for defense contractors and foundational cybersecurity activities for IoT device makers8. Staying compliant helps protect your business and opens doors to more contracts.
If you’re unsure where to start, reach out to your local NIST MEP Center or consult the CISA resources for tailored advice and support. Regularly visiting these sites can help you stay ahead of new threats and ensure your company’s cybersecurity practices are up to date.
Quick Links:
- NIST Cybersecurity Resources for Manufacturers
- CISA Critical Manufacturing Sector Resources
- DoD Office of Small Business Programs – Cybersecurity
- NIST Manufacturing Sector Cybersecurity Guidance
Check out some of our other articles:
- Steel Industry News Community Poll: Reactions To The 50% Steel Tariffs
- Nucor Raises Prices as 50% Tariffs Reshape Market Dynamics
- Cleveland-Cliffs Cancels $500 Million Green Steel Project
- Trump Announces New 50% Steel and Aluminum Tariffs
- The US Steel-Nippon Steel Deal: Structure, National Security, and the “Golden Share”
📬 Enjoying this article? Don’t miss the next one.
Subscribe to the Steel Industry News email newsletter to get the latest updates delivered straight to your inbox — from mill pricing to market shifts.
🆓 Stay informed with a free subscription, or
🔐 Unlock even more with a paid plan (just $10.50/month with annual billing) and get:
✅ Full access to all in-depth newsletters and podcasts
📊 U.S. mill pricing, input costs, and production data
🌍 The latest Steel Industry News direct to you
📚 Exclusive subscriber-only E-Books, reports, guides & archives
🙌 Unlock Full Access to the Steel Market Insights & Strategy Guide