The widespread use of information and communication technology in industrial control systems has exposed many cyber attacks to these systems. The first step in providing security solutions is to recognize the threats and vulnerabilities of a system at first. Therefore, in this work, after providing a general overview of the SCADA security, we provide a survey on actual cyber attacks from 2000 up to now. To be able to assess the risk of these attacks, we perform profiling them based on the target systems of the attack, the geographical area of it, the method used in the attack and its impact. This profiling provides a clear view of the most important security incidents in SCADA systems and could be useful in the defining suitable strategies for preventing and defending against the major SCADA security attacks.