For many years, malicious cyber actors have been targeting the industrial control systems that manage critical infrastructure assets. Most of these events are not reported to the public and their details along with their associated threats are not as well-known as those involving enterprise (information technology) systems. This chapter presents an analysis of publicly-reported cyber incidents involving critical infrastructure assets. The list of incidents is by no means comprehensive. Nevertheless, the analysis provides valuable insights into industrial control system threats and vulnerabilities, and demonstrates the increasing trends in the number and complexity of cyber attacks.