Flash back to Super Bowl XLVII when the entire Superdome was plunged into darkness. Did someone merely flip a switch? Forget to pay the bill? Or was it something more serious? In our post-9/11 world, terrorism immediately comes to mind. In the end, Entergy New Orleans, a unit of Entergy that supplies power to the Superdome, said a relay device had failed, calming most conspiracy theories.
Even though the incident was limited to mechanical failure, cybersecurity experts say the Super Bowl blackout is the closest public example of the consequences of when industrial control systems fail, or even worse, fall into the wrong hands.
In an exclusive report obtained by CNBC, independent cybersecurity researchers Billy Rios and Terry McCorkle, along with Michael Schell, global industrial control system representative for Cylance, warn that thousands of public and private facilities nationwide are vulnerable to cyberattack through the very systems that control a building's operations, known as industrial control systems (ICS) or building management systems (BMS).
They say though a malicious hacker's intent may not always be to create a scenario like the Super Bowl blackout, or worse; targeting an ICS or BMS is more likely an effort to find an alternative way into an organization's network.
(Read more: Car hacking: The next global cybercime?)