What cyber threats is OT exposed to?
In the past, impacts to OT systems were often "just" collateral damage. Attacks that were actually aimed at IT systems – such as WannaCry or NotPetya – ended up in the OT environment more or less by chance. Cybercriminals have meanwhile developed malware specifically dedicated to targeting ICS and SCADA systems – LockerGoga, Snake/Ekans or DoppelPaymer, for instance. With an IoT search engine like Shodan, networked devices that are directly connected to the Internet can be easily tracked down. It even reveals the current operating system version so that hackers can pick out particularly vulnerable targets.
Cyber attacks on OT systems can have seriously adverse effects on the security of people and systems, cause enormous costs and, in a worst case scenario, endanger human lives. Doing so doesn't require any particularly sophisticated malware attack. Even the slightest manipulation of a sensor is enough to significantly impair production. Attacks on OT may be driven purely by desire to wreak destruction, or be monetarily or even politically motivated.
In one example, Hackers attacked the control system of a steelworks' blast furnace and brought it under their control. As a result of the attack, individual components initially failed, and ultimately the blast furnace could no longer be shut down and was in an "undefined" state. In this way, the hackers caused entire systems to fail with little effort. The entire system was massively damaged as a result.