US CERT says three flavours of control kit are under attack
By Darren Pauli, 29 Oct 2014 Industrial control systems in the United States have been compromised by the BlackEnergy malware toolkit for at least three years in a campaign the US Computer Emergency Response Team has dubbed "ongoing" and sophisticated.Attackers had compromised unnamed industrial control system operators and implanted BlackEnergy on internet-facing human-machine interfaces including those from GE Cimplicity, Advantech/Broadwin WebAccess, and Siemens WinCC.
Full Article