The malicious software was, we're told, chewing up processor time, noisily shifting data over the network, and potentially exploiting the fact that industrial networks tend not to be running the latest security patches – typically because they oversee critical processes that cannot be interrupted or knocked out by bad updates.
Important machines with connection to the internet?!?! seriously where's the air gap?
Ilan Barda, Radiflow’s CEO, told The Register today the malware was probably installed after someone used a browser on a server to visit a website they shouldn't have. The nasty would have been accidentally downloaded and run, and it likely exploited network file shares to move through the utility company's computers, we're told.
Someone had access to a server and was able to browse the internet on it?!?!? *shakes head*