Another plausible scenario is one in which we could see a great deal of localized damage that affects many peoples' lives. For example, by taking a power plant offline the attacker could leave scores of people in the dark, cause the water system pumps to go offline, force hospitals to function without critical equipment, and disable ATMs, fuel stations, and traffic signaling systems.
Consider the 2003 case in which a affected roughly 55 million people in the U.S. and Canada, and showed how fragility within any of the nation's three electric regions -- East, West and Texas -- can lead to extended trouble. As the balance between supply and demand of electricity is extremely close, any significant stress to the system could take it offline (by design), and the damage could be experienced on a wide regional scale.
All that is required to wreak some havoc is for a hacker to cause a generating station to go offline. The transmission grid is quite fragile with respect to localized disruptions; the grids are designed to shut themselves down automatically if they suspect a failure pending. Therefore, an attacker would not need to do much to trigger such an event; a simple instruction telling the generating station that it is about to fail is all it would take. If the attacker is able to do this to a few stations, widespread impact could be experienced.
Even though there are flow regulators and switches located within the oil and gas supply chain which make it vulnerable to similar attacks, there are a lot more points within this sector that would need to be attacked as well to cause much damage; thus the environment is somewhat limited to localized failure. That said, the oil and gas industry is no stranger to attack. ABC News that the "Iranian oil ministry's computer network came under attack from hackers and a computer virus, prompting the Islamic Republic to disconnect the country's main oil export terminal from the Internet."
Somewhere between the oil and gas sector and the electrical grid lies the water sector. While the damage would be limited to a specific locality such as a large city or multi-city district, it could become a serious public health issue, or at least a public nuisance, if a water treatment plant or pumping station were taken offline.