Sinclair Koelemij stated in his July 20, 2025 article the only documented control system cyberattack that directly caused physical damage was Stuxnet. He is not the only one who feels this way. However, there have been numerous cases in every sector where there have been publicly documented control system cyberattacks that caused physical damage. There have been many other control system cyber incidents that were not publicly documented. Other cases, such as Chinese-made equipment with hardware backdoors have been documented, but the attack mechanisms have not yet been initiated. Most of these control system cyber incidents have not been addressed by the network IT/OT cybersecurity community as most of the incidents were not caused by network malware nor were there control system cyber forensics or training to identify the incidents as being cyber-related. Control system cybersecurity gaps in technology and identification were evident in the July 22, 2025 US House Committee on Homeland Security Hearing “Fully Operational Stuxnet 15 Years Later & the Evolution of Cyber Threats to Critical Infrastructure”.
