Hackers breached security of a German steel mill's network and caused considerable damage by manipulating the controls of a blast furnace. The attackers gained access to the network through a phishing email, and from there were able to make their way into the plant's production network. "The result was that a blast furnace could be shut down." The attack was disclosed in the annual report of the German Federal Office for Information Security.
The spear phishing attack used sophisticated social engineering techniques to gain access to the factory’s office networks, from which access to production networks was gained. Spear phishing involves the use of email that appears to come from within an organization. This is the kind of tactics used when a cyberwar breaks out.
This is the reason that all employees need to be stepped through security awareness training that really works, so that they are aware of social engineering attacks and can protect the network, effectively becoming a "human firewall" Find out how affordable this is for your organization now. Hat Tip to SANS for this one.