AI Security: When Agents Control Physical Systems, IAM Becomes Safety Infrastructure
Okta, Thursday, January 29th, 2026
In mid-September 2025 Chinese state actors weaponized Claude Codeopens in a new tab to conduct the first documented large-scale autonomous cyberattack. The operation targeted large tech companies, financial institutions, chemical manufacturing companies, and government agencies.
Separately, in late August, a credential compromise shut down JLR's factoriesopens in a new tab for five weeks at a cost of 1.9 billion UK Pounds. Now imagine that same attack pattern executed by an AI agent that doesn't sleep and can try a thousand credential combinations while you're reading this sentence. It's here. These attacks don't just breach perimeters. They abuse legitimate access.
The defense isn't better firewalls. It's authorization: controlling what agents can do at each step, with human oversight when it matters. For cyber-physical systems, IAM isn't IT infrastructure. It's a safety system.