The relevance of OT (Operational Technology) in Seveso plats has largely increased in recent years thanks to several benefits related to the improvement of efficiency, quality of the production, and cost reduction. Unfortunately, the use of these technologies exposes the plants to cyber threats. Indeed, a cyber-attack may cause the interruption of the production, and, at worst, could manipulate the control process in order to induce a catastrophic event. In recent years, several cyber-attacks have been performed against Industrial Control Systems. In this paper, we provide a process-engineering oriented overview of those attacks with the aim of illustrating their behavior. Particular attention is payed to Triton attack, being the first worm specifically designed to attack a Safety Instrumented System. The paper concludes with some consideration about a relevant approach that might be useful to increase the protection of the Seveso ICS.