Completely useless 20/20 hindsight. ENISA's emerging cyber threats document, for example, which circulated 3-4 years ago iirc had pointed out targeted attacks on physical infrastructure (wink, wink) as a possibility, as well as other issues which were disclosed in this and last year's BlackHat and DEFCON conferences.