Hackers Make Factories Their New Favorite Playground

The software controlling the world's factories and power grids is now a top target for hackers, with the manufacturing sector accounting for 42% of all operational technology (OT) intrusions, according to a new report from Trellix first detailed by Manufacturing Dive.

• Mind the gap: The digital wall that once separated corporate IT from industrial OT has crumbled, allowing attackers to pivot from a compromised email server directly into physical control systems. Trellix reports that intrusions have evolved from accidental IT spillover to deliberate targeting by both criminal groups and state-sponsored operators.

• A six-month window: These aren't sophisticated exploits, but rather attacks using common IT tools to take advantage of legacy industrial systems running on insecure protocols like Modbus and DNP3. While a major IT vulnerability might get patched in 30 days, Trellix found the average patching time for an OT asset is a glacial 180 days, creating a massive window for attack.

• Pulling the plug on safety: The danger is escalating as hackers attempt to disable the safety controls on industrial devices, a move Trellix warns "represents a critical threat to global infrastructure." The firm advises that the shift from opportunistic attacks to targeted campaigns against safety systems requires immediate attention to prevent catastrophic incidents.

To counter these threats, companies are being urged to aggressively segment their networks, enforce zero-trust principles for all connections, and hold vendors accountable for the security of their software supply chain. Trellix has made its full threat report available for download along with how it is framing its commercial response to the growing OT security challenge.