Critical infrastructures like Nuclear power plants, and water facilities remain an primary concern when it comes to cyber security. These environments are critical to the well being of an country, and once these environments are hit by an cyber attack, it can have devastating results.
Now we only have to take a look back, and we will see that the Stuxnet virus was very successful in forcing the Iranians to move forward on a slower phase, but it is the same type of virus which can take down an complete power plant if needed.
The evolution of malware is very clear, since a couple of years, we are dealing with malware which encrypts data and forces the victim to pay ransom in order to get the data back. Now what would happen if such an method would be applied on a power plant. The cyber criminal would encrypt the data, force the power plant engineers out of the systems, and so on.
On the other aspect, these infrastructures run on software and hardware, software and hardware can be outdated, and vulnerabilities can be present in these items. It is a constant battle and it is very important to stay aware of these possible risk which might affect us in an major way.