News, of reportedly SCADA malware infections have been published via Motherboard; in which, those infections (also reportedly) point to cyberattack vectors).

'“The fact that malware was recovered from the network at all, and the fact that it's newer, gives a high confidence assessment that the cyberattack on Ukraine was legitimate,” Lee told Motherboard in a phone interview. Lee said the malware was “unique,” implying that it likely wasn't something that just happened be on the grid network during the outage.' - Robert M. Lee, a former US Air Force cyber warfare operations officer as well as the founder and CEO of Dragos Security, wrote on the SANS ICS Security Blog