Industrial control systems (ICS) are critical to many infrastructures: commercial facilities, dams, emergency services, energy, financial services, agriculture, nuclear, and transportation are just a few.

ICS are controlled by a type of software called supervisory control and data acquisition (SCADA), which is the actual target in a cyber-attack. Some operating commands come from a human-machine interface (HMI), and some come from programming in a control system using a programmable logic controller.

The HMI is vulnerable to cyber-attacks, because it is run by an actual person. The rest of the SCADA system is also vulnerable because security standards have changed, but as the systems are not updated frequently, not all systems are up to date. The cyber-world is rapidly growing, and malware is becoming more complex. Essential systems like ICS need higher levels of security that are not provided with older versions of SCADA.