PLCs can be a tempting target for threat actors as they can be abused to cause damage and disruption, and to make changes to the processes they control. This is why they are often seen as the ultimate goal of an attacker.

However, researchers at industrial cybersecurity firm Claroty wanted to show that PLCs can also be used as a point of entry into an organization, being leveraged to target the engineering workstations connected to them and from there the rest of the internal network.