Tuesday, May 27, 2008

Attacking the supply chain

What happens when attacks target physical commodities and their supply chains? Last week's hubbub about counterfeit Cisco devices has created a bit of a stir. It's easy when it's software, which can be corrected in a matter of months, but what happens when you can't trust your hardware? It seems that Cisco's current stance is to stand behind their supply chain.
This is a precarious position; indeed, it's something the oil industry is trying (and failing at) too. The software (or anything virtual/logical) supply chain can be easily fixed, as the turnaround time can be hours or days. What happens when release cycles last months or years? If such a supply chain is attacked, or simply can't be trusted, then it'll be a bigger issue than applying a few patches.
Think oil and energy, think food, think transportation, think how slow the military-industrial complex is to react.

