The document outlines the typical 4 phase progression of a cyber attack: 1) disrupt business and prevent access, 2) access credentials and steal data, 3) embed malware on industrial control systems and devices, and 4) directly damage or destroy infrastructure through computer networks or sell stolen information. It notes how cyber attacks have evolved over the decades to cause greater damage and disruption.