As manufacturing systems and industrial control devices become increasingly connected, attackers are finding new ways to hijack machines, disrupt operations, and steal intellectual property. In this episode of Exploited: The Cyber Truth, host Paul Ducklin and RunSafe Security Founder and CEO Joseph M. Saunders break down how embedded threats unfold and why manufacturers are in the crosshairs.

Joe shares real-world examples of water system breaches, programmable logic controller (PLC) exploits, and the dangers of memory-unsafe code that persists across legacy and modern systems. He explains how attackers weaponize software supply chain weaknesses and software determinism—and why preventing exploitation at build time is critical.

Topics discussed include:

• How adversaries infiltrate embedded and industrial devices
• The role of nation-state motivations, economic espionage, and insider threats
• Why memory-unsafe languages remain a root cause of critical vulnerabilities
• How Secure by Design practices and runtime protections can harden devices without disrupting operations
• What manufacturers must watch as AI-driven attack paths begin to emerge

For leaders responsible for protecting industrial systems, this episode offers a clear-eyed look at the risks and practical strategies to defend machines before they get hacked.