Manufacturing is the second most commonly targeted industry by attackers and many attacks are successful due to the many vulnerabilities that exist in the manufacturing environment.
Employees/contractors: In 2015, 60% of all attacks were carried out by insiders; employees or anyone who has access to a company’s assets (i.e. contractors.) 
Internetworking: New business models related to the Internet of Things (IoT) have made manufacturers more vulnerable as both the industrial and business networks are interconnected to the internet and no longer separated, expanding the attack surface.
The automation layer: One of the easiest and successful way to launch an attack in a manufacturing facility is to change an automation device’s program data. “While a predefined set of process parameters can be changed through HMI/SCADA applications, the logic maintained on the controller defines the process flow and its safety settings. Therefore, changing the controller logic is both the easiest and most successful way to cause such disruption.”