> there is no such thing as a PLC accessible from Internet in a real production site.
That is so massively optimistic. I don't doubt you know your stuff, but manufacturing is a huge field, widely distributed, it is done by small companies as well as large ones, and specifying and purchasing a PLC system can be done to satisfy operational needs without necessarily having suitable network infrastructure and security expertise. The number of PLCs "accessible from Internet in a real production site" is probably in the thousands.
Smaller companies take shortcuts, that is true, but not a nuclear power plant like the bait used in the article. Smaller companies also do less damage when they are hacked.
It's definitely gotten significantly better the past 5+ years. And yes, it's extremely rare for something as a nuclear power plant to be on the Internet.
That is so massively optimistic. I don't doubt you know your stuff, but manufacturing is a huge field, widely distributed, it is done by small companies as well as large ones, and specifying and purchasing a PLC system can be done to satisfy operational needs without necessarily having suitable network infrastructure and security expertise. The number of PLCs "accessible from Internet in a real production site" is probably in the thousands.