CISA’s response to Iran hacking control systems in US critical infrastructures is inadequate

People keep saying that once there is a real control system cyber incident, control system cyber security will be taken more seriously. Last Saturday, Iran (IRGC) cyberattacked US critical infrastructure on US soil. Dale Peterson’s response on Friday was “I guess I have to include this: the Municipal Water Authority of Aliquippa serving 6615 customers had an attack on their OT. Small water utilities have weak OT and ICS security and need to be able to fall back to manual ... which they did. Much more consequential is the ransomware that took out emergency room services at multiple hospitals for multiple days in Texas.”

Iran (IRGC) is in an undeclared cyberwar against the US and our critical infrastructures. The IRGC targeted Israeli-made Unitronics PLCs, including one used in the Aliquippa cyberattack. Attacking the PLC can compromise the near- or long-term operation of the targeted systems. The attack is against the targeted PLCs, not the end-users, making this a nation-state supply chain attack against US critical infrastructure. Hundreds of Unitronics PLCs are used in US applications, and more than a thousand are installed internationally.

To date, none of the CISA OT guidance, including the two Unitronics Alerts, has addressed control system field device issues or device limitations. Moreover, the CISA guidance in the Alerts may not be applicable to many control system field devices because of PLC technical limitations. The lack of engineering expertise in preparing the Alerts is an intolerable gap that needs to be closed immediately. As can be seen from Dale Peterson’s response, the lack of OT industry response to a non-OT network attack also speaks volumes.