Supervisory control and Data Acquisition (SCADA) systems play a core role in a nation’s critical infrastructure, overseeing the monitoring and control of systems in electricity, gas supply, logistics services, banks and hospitals. SCADA systems were once separated from other networks and used proprietary communications protocols, hardware and software. Nowadays modern SCADA systems are increasingly directly or indirectly connected to the Internet, use standardised protocols and commercial-off-the-shelf hardware and software. Attacks on these systems have the potential for devastating consequences and attribution of attacks against SCADA systems presents new challenges. This paper investigates the use of techniques to attribute cyber attacks against SCADA systems.We investigate the use of five known technical attribution techniques in SCADA systems.