The Stuxnet virus focused world attention on the dangers of a cyber attack on critical infrastructure. So far, however, damaging attacks on infrastructure are rare. Energy utilities and industrial control systems are so vulnerable and slow to plug flaws in their systems that attackers will likely test their capabilities against them, says Kaspersky’s Baumgartner. The groups behind targeted attacks will be faster to turn vulnerabilities — whether zero-day flaws or just unpatched software issues — into live exploits. Attackers will focus on improving their automation and analysis capabilities.”]
Source: https://www.darkreading.com/attacks-breaches/the-changing-face-of-advanced-persistent-threats