Bottom line: Operational Technology in factories presents attackers with significantly lower barriers than modern IT infrastructure, while cyber outages in production have existential consequences.
While IT security has been strengthened in office environments, production facilities have become the preferred target of professional cybercriminals. Industrial control systems lack modern security measures and are often connected directly to networks.
The security strategy in European companies follows a dangerous asymmetry: while firewalls, cloud hardening, and Security Operations Centers protect administrative environments, operational systems in factory floors often remain unprotected. Professional attackers have recognized this distinction and are deliberately shifting their operations to machines, controllers, and automated logistics systems instead of office servers. A cyberattack at the production level threatens a company’s viability far more rapidly than the compromise of a mail server.
For decades, factories protected their facilities through physical and digital isolation from the internet — a model that worked because production machinery was not networked. The fourth industrial revolution has dissolved this separation. Modern manufacturing requires real-time data streams: sensors transmit wear values to maintenance systems, CNC machines download design data from the cloud, logistics systems synchronize conveyor speeds by the second. The central problem lies in the hardware: many programmable logic controllers currently in use were designed for a lifespan of 20 to 30 years, originating in an era when cybersecurity was not a design criterion. These systems communicate via protocols without encryption or authentication and possess minimal computing power — insufficient for modern endpoint protection software. For professional attackers, this constellation presents not a technical barrier, but an invitation.
With attacks on conventional IT infrastructure, established recovery procedures work: isolation, restoring from backup, restart. Damage remains digitally contained. In factory automation, this model does not apply. When malicious code penetrates production control systems, physical damage to expensive equipment and tools threatens. A particularly insidious scenario is silent sabotage: attackers change minimal machine parameters or manipulate quality control values. Production continues apparently normally, but systematically produces errors that are only discovered weeks later by the customer.
Source: www.it-daily.net · Published 10 June 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification through Lumi News Pipeline v1.6.5.