36 CHAPTER 3 Introduction to Industrial Network Security Table 3.1 The Potential Impact of Successful Cyber Attacks Incident Type Change in a system, operating system, or application configuration Potential Impact Introduction of command and control channels into otherwise secure system Suppression of alarms and reports to hide malicious activity Alteration of expected behavior to produce unwanted and unpredictable results Damage to equipment and/or facilities Malfunction of the process (shutdown) Disabling control over a process Causing inappropriate actions in response to misinformation that could result in a change in programmable logic Hiding or obfuscating malicious activity, including the incident itself or injected code (i.e., a rootkit) Preventing expected operations, fail safes, and other safeguards with potentially damaging Change in programmable logic in PLCs, RTUs, or other controllers Misinformation reported to operators Tampering with safety systems or other controls