The paper aims to study the workflow of the detection center of stealthy attacks on industrial installations that generate increase in energy consumption while avoiding triggering fault detection and damaging the installation. Such long-lasting attacks on industrial facilities make production more expensive and less competitive. We present the concept of the remote detection system of cyberattacks directed at maliciously changing the controlled variable in an industrial process air conditioning system. The monitored signals are gathered at the PLC-controlled installation and sent to the remote detection system, where the discrepancies of signals are analyzed based on the Control Performance Assessment indices. The results of performed tests prove the legitimacy of the adopted approach.