CSOOnline report that the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), a division of the U.S. Department of Homeland Security (ICS-CERT) issued an advisory on Tuesday warning that malware has been used since 2011 to attack a number of ICS (Industrial Control Systems).
The malware exploits a Windows vulnerability to gain access to the ICS HMI (Human Machine Interface). HMIs identified as targets include General Electric's Cimplicity HMI, Siemens' SIMATIC WinCC and BroadWin's WebAccess and anyone who operates these systems is advised to contact the relevant manufacturer for remediation advice. For general best practice advice on defending industrial control systems against cyber attack, compliance with NERC CIP measures is recommended.