Knock at the Door: Why Industrial Cyber Just Went Kinetic

John Z Black Apr 17, 2026 Policy, Law & Governance #critical-infrastructure #russia #ptc-windchill #apt28 #industrial-security #sweden #hensoldt

When the police show up at your factory door to tell you to patch your software, you know the situation has moved past a routine security advisory. Three weeks into the PTC Windchill crisis, we have learned that the physical alerts in Germany were far from an over-reaction. They were a necessary response to a coordinated Russian campaign targeting the physical world.

Sweden just disclosed a foiled sabotage attempt on a thermal power plant that was designed to cause actual physical damage, not just steal data. At the same time, APT28 is vacuuming up credentials from over 170 accounts across NATO and European defense agencies. The Windchill vulnerability is just one of several doors they are trying to kick down.

The German Federal Police are currently pairing their doorbell warnings with the deployment of counter drone vehicles at critical sites. This is the new reality: digital and kinetic threats are hitting at the same time. While companies like NVIDIA are rushing to build AI-managed ‘factories’ to guard the grid, those systems are still years away. The threat is current, it is physical, and it is knocking on your door today.

Check out the full story on why the line between code and kinetics has vanished in Europe.