A recent industrial-security disclosure points to a harder problem than a new exploit: post-detection escalation through already-compromised operational technology environments.