The move toward Industry 4.0 means that smart factories are merging their Information Technology (IT) and Operational Technology (OT). This integration, while efficient, creates significant new risks, particularly from Advanced Persistent Threats (APTs). This paper's core idea is that an APT isn't just a data breach; it's a direct attack on production—an act of industrial sabotage. This makes it a central problem for Operations Management (OM), not just for the IT department. We look at famous attacks like Stuxnet and TRITON not as cybersecurity events, but as attacks on core manufacturing metrics. The main contribution of this work is a new framework that connects specific APT attack methods to the real-world operational damage they cause, measured by Overall Equipment Effectiveness (OEE) and its parts: Availability, Performance, and Quality. We then suggest using standard Industrial Engineering tools, like C-FMEA, and established OM simulation methods (DES, ABM, SD) to measure this impact. We conclude that this operations-first viewpoint requires a strategic change from just trying to prevent attacks to building true operational resilience, making cyber-risk a part of production philosophies like TPM 4.0.