For the fifth year in a row, IBM’s X-Force Threat Intelligence Index 2026 found that manufacturing remains the most targeted industry for cyberattacks. The sector accounted for 27.7% of incidents, only a slight increase from 26% last year. And the financial impact is significant. According to Arctic Wolf, the median cost of a manufacturing ransomware attack handled by its Incident Response team reached $600,000 in 2026, but total losses can easily climb into the millions.
So what can manufacturers do to protect themselves? A team of engineers at Rutgers University has proposed a new approach to defending additive manufacturing systems, particularly those producing mission-critical parts for national security and infrastructure. Rajiv Malhotra, an associate professor in the Rutgers School of Engineering Department of Mechanical and Aerospace Engineering, coauthored a paper on the subject that was published in the Journal of Manufacturing Systems. The research proposes a digital twin framework designed to improve manufacturing resilience. Before diving into that approach, it’s worth understanding why manufacturing has become such a frequent target.
The digital twins were able to ensure that printing was corrected. (Image credit: Cleeman et al.).
Why Is Manufacturing a Target?
There are a few key reasons manufacturing continues to attract cyberattacks. According to cybersecurity company Arctic Wolf, one is the industry’s reliance on highly interconnected systems, many of which still run on legacy software not built with modern cybersecurity in mind. That makes them easier to exploit.
Manufacturing also sits at the center of global supply chains. A single successful attack can disrupt thousands of downstream suppliers and customers, putting immediate pressure on companies to restore operations – often by paying a ransom. Add to that the cost of downtime, which can reach millions of dollars, and it’s easy to see why the sector is such an appealing target. There’s also the value of intellectual property. Designs, blueprints and proprietary processes can be just as lucrative as ransom payments when stolen and resold.
What Can Cyberattacks Do to AM?
In additive manufacturing, cyberattacks can take more subtle forms. According to the Rutgers team, attackers can manipulate digital design files to introduce geometric defects, such as missing fillets, or alter process parameters to create flaws like internal voids. These changes may be difficult to detect but can significantly compromise part performance.
Malhotra explained that traditional approaches to dealing with cyberattacks rely on reporting and detecting the issue and shutting production down. This method is time-consuming, and it can take weeks before production can start again.
The method proposed by the Rutgers researchers takes a different approach. Instead of stopping production entirely, it aims to maintain continuity even while an attack is ongoing and not yet fully resolved.
These digital twins “work in tandem to create resilience at key points of the manufacturing digital chain where cyberphysical attacks might occur – such as the part model, machine firmware and the process plan generation software,” Malhotra said.
Dual Digital Twins: Geo-DT and Pro-DT
To achieve this, the researchers developed a dual digital twin (DT) framework capable of detecting and correcting defects during the additive manufacturing process. The first component, a geometry-focused digital twin (Geo-DT), uses a physics-based soft sensing approach combined with topology optimization to identify and fix shape deviations. The second, a process digital twin (Pro-DT), integrates defect detection with a reinforcement learning model that can adapt in real time.
They tested the system on a real additive manufacturing setup and found that the Geo-DT could correct geometric flaws even without access to the original design file or knowledge of how an attack altered the part. At the same time, the Pro-DT was able to quickly respond to and mitigate defects, even when disruptions introduced unpredictable changes to the process. “This scalability to unknown attacks is critical,” Malhotra said.
A graphical abstract of the study (Image Credit: Cleeman et al.)
Looking ahead, Malhotra noted that the team plans to expand the research to address attacks targeting sensor signals, as well as broader concerns around machine and operator safety. They also aim to explore hybrid manufacturing systems to provide more comprehensive protection against defects caused by cyberattacks.
The research began in September 2024 with support from funding from the National Science Foundation and the U.S. Department of Energy. For a deeper look at the research behind this new approach, you can explore the full study here.
What do you think of this cybersecurity method? Let us know in the comments below or on our LinkedIn and Facebook pages. Plus, sign up for our free weekly Newsletter to get the latest 3D printing news straight to your inbox. You can also find all our videos on our YouTube channel.
*Cover Image: AI-generated illustration created with DALL·E (OpenAI)