Researchers have been speaking publicly about some of them for a couple of years now, and a group recently discussed a huge set of vulnerabilities it found during an extended project looking at PLCs (programmable logic controllers) Researchers found that the basic security model underlying the ICS systems that run critical services such as power, water and others, is completely inadequate. Many of the systems that are now exposed to the Internet were not designed with that connectivity in mind, and some now have mobile interfaces that can be run on smartphones.
Source: https://threatpost.com/state-scada-security-laughable-researchers-say-020312/76171/