Legacy Supervisory Control and Data Acquisition (SCADA) has no cyber security - messages are in clear text; messages are unauthenticated; management commands are issued via dial up ports protected by weak passwords and administered by poor password administration practices. This results in either inadequate security or a potential for denial of service. Based on the type of utility infrastructure involved, an intelligent attacker, or threat agent, would focus his/her efforts on the appropriate vulnerability to cause the most damage possible. In the case of electricity, attacks through the backdoor maintenance ports may be more devastating than attacks through the front door SCADA network; by changing protective relay settings, the attacker can effectively disable all built-in protective circuitry within a portion of the electrical grid. In liquids utilities, i.e.; gas, oil and water pipelines, attacks through the front door SCADA network may be more devastating; by repeatedly issuing 'open valve' and 'close valve' messages, a "hammer effect" can be created which could rupture pipelines or damage valves and pumps
