Supervisory control and data acquisition (SCADA) systems allow industrial organizations to control and monitor real-time data and industrial processes. Moving SCADA systems to the cloud environments can improve the performance of traditional SCADA systems by enhancing features such as storage capacity, reliability and availability, security measures, as well as reducing technical and industrial costs. However, cloud cyberattacks are rapidly increasing, posing a major challenge to such type of systems. In addition, these cyberattacks still remains scattered across many research, and much of published research on cloud-based SCADA systems has been focused on narrow sets of attacks. Thus, this research provides a survey and an analysis of the most common cybersecurity attacks and challenges that cloud-based SCADA systems might experience. It also conducts a security risk assessment of the analyzed attacks. Finally, it proposes the existing suitable detection and prevention techniques to mitigate the impact of cyberattacks on such critical control systems.