This document discusses tactics for targeted cyber attacks against industrial control systems. It describes how adversaries are gaining greater understanding of critical infrastructure dependencies and focusing attacks on key nodes to cause physical damage and disruption. The document advocates for improved process monitoring, network visibility in ICS networks, and resilience strategies to help detect and recover from such attacks.