A single prepped e-mail is all that is required. Easily opened by employees, it releases Trojans and viruses onto company computers through spear-phishing. They spread across office and production networks, causing substantial damage due to production outages or know-how theft. Or look at virtual threats like the ransomware
Wannacry at the beginning of May or Petya at the end of June 2017, which target vulnerabilities in the IT system. They gained access to third-party systems via an unsecured Windows interface, implanted themselves onto hard disks and encrypted files and demanded ransoms. There were problems in the office and noticeable consequences for the companies affected. So far, assembly lines stood still at Renault in Douai, France, measurement sensors failed at the reactor ruins in Chernobyl, the shipping line Maersk had to shut down systems around the world, and production was interrupted at several companies throughout Europe. The reason for that is that corporate networks and IT structures now exist, where there once was a so-called air gap
between offices and factory buildings. The result is that although a connected factory manufactures goods faster, more efficiently and more economically, it is also more susceptible to cyberattacks.
Production networks are often based on outdated systems or cannot easily be updated with new software.