The scenario of multiple attacks at major infrastructure is really scary, as we have seen in Die Hard or Live Free but I think it is really unlikely. Yesterday, my IT adminstrator tried to install a new version of MATLAB on my computer. Something as routine as this should be a no-brainer but the installation did not go well. Even when a manual is sitting right in front of us, something could go wrong, or the illustrated steps on the manual simply do not match up with what we see on the screen. We even have problems (sometimes a lot of them) trying to do something legal and by-the-book, imagine how difficult it is to hack into a well-guarded computer system to launch a cyber attack. Of course, launching does not mean everything will go as planned, a damage may not ripple all the way down. Thus, the difficulty of successfully attacking several major targets simultaneously is way higher than attacking just a single one. Lucky coincidences only happen in a movie! On top of that, every software update or security patch of a system (or subsystem) probably means some hacking work has to be done all over again. As a result, a group of hackers’ knowledge on a complex system may not be up-to-date and accurate. This could limit the scope of an attack and confine any possible damage. Of course I am not saying that it is needless to protect our cyberspace. However, the risk assessment should be realistic and not based upon some magnified and distorted fear. The Iraqi weapon of mass destruction episode is a good example of this!
Source: The age of cyber war has arrived