Past cyber-attacks on Supervisory Control and Data Acquisition (SCADA) Systems for Critical infrastructures have left these systems compromised and caused financial and economic problems for the relevant organisations. Deliberate attacks have resulted in delayed or denial of services, inconvenience to the public and physical injury to people in certain cases. This study will explore the past attacks on and vulnerabilities of SCADA Systems with specific reference to the transport sector by examining three case studies. The outcomes of these case studies will be further analysed according to the cyberterrorist decision-making theories. These are strategic, organisational and psychological theories based on the study by McCormick (20003), who further categorized Nelson's (1999) cyber-terrorist capabilities that included: simple-unstructured, advance-structured and complex-coordinated capabilities categories that lead to an attack on a system, in particular SCADA Systems for Critical infrastructures. Based on existing theories, this paper outlines the level of capabilities and decision-making pattern that a cyberterrorist requires when attempting penetrating a SCADA systems environment. The results of this study will form the basis of a guideline that organisations can use so that they are better prepared in identifying potential future cybersecurity attacks on their SCADA systems.