In an OT environment with PLCs and SCADA, which action would be a significant risk if an attacker gains access?

In OT environments, the most dangerous actions are those that can directly alter how the industrial process is controlled. PLCs translate digital values into real-world actions, so the registers that hold setpoints, limits, and control states are essentially the control levers of the system. If an attacker can modify these register values, they can push actuators, valves, pumps, and other equipment into unsafe or damaging states in real time. That can trigger unsafe machine behavior, cause equipment wear or failure, and even create hazardous conditions for personnel. The impact is immediate and tangible because it changes how the process behaves, not just what is being observed or who can access a network. Reading log files only provides information and does not change how the system operates. Turning off HVAC could lead to environmental or equipment overheating over time, which is serious but less direct to the control of the process itself. Changing firewall rules might broaden access or conceal activity, but it does not, by itself, alter the operational signals controlling machinery. Therefore, modifying register values in a PLC is the action with the highest immediate risk to safety, stability, and equipment in an OT setup.