In "Misguided response to the Norwegian Dam and Oldsmar ‘cyberattacks’," author Joe Weiss argues that not every control‑system failure should be labeled a cyberattack, highlighting two incidents: the April 2025 Norwegian dam valve event and the February 2021 Oldsmar, Florida water‑treatment glitch.

He cautions that legacy OT devices often lack forensic logging, which means sudden operational anomalies—whether caused by human error or malicious intent—can be mischaracterized as external attacks. Weiss criticizes this tendency to sensationalize, noting how both Norway and Oldsmar were quickly declared “cyberattacks” despite limited evidence of actual intrusions.

Weiss stresses the importance of differentiation: distinguishing genuine cyber‑related incidents from accidents is critical for appropriate response, regulation, and training. He calls for improved OT forensic capabilities and better‑trained professionals capable of discerning the true nature of control‑system events, warning that misclassification can erode credibility and impede security progress.

Source: https://www.controlglobal.com/blogs/unfettered/blog/55302207/misidentification-of-control-system-cyber-incidents-accidents-or-cyberattacks