As we connect ever more equipment to networks in general and to the internet specifically. And link ever more and more controls to front ends that use commonly known and understood protocols, commands, etc.
The below links refer to problems with SCADA systems. But the same principles and ideas can be applied to other open control protocols and frameworks for which there is plentiful documentation and real equipment that can be purchased by anyone for the purposes of testing, learning, and so forth.
Wallstreet Journal article:
Electricity Grid in U.S. Penetrated By Spies
WASHINGTON -- Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.
"Zombies ahead!" sign says something about SCADA security
Experts hack power grid in no time
Basic social engineering and browser exploits expose electric production and distribution network
C4-Security is an industry association which concerns itself with Scada security issues. Here is a list of some real incidences they've got on record:
I'm guessing that there is a very good reason that one of our larger and more security conscious customers does not allow any PC that is connected to their intranet or to the Internet in general, to be also connected to their controls network.