Energy giant Chevron has become the first US company to confirm a network hit by the Stuxnet virus.
According to CIO Journal, Mark Koelmel, general manager of the earth sciences department at Chevron, said that the incident occurred in 2010 when the malware was discovered.
“I don't think the US government even realised how far it spread,” Koelmel said.
Amid claims that Stuxnet had been developed by the US and Israeli governments, it is believed that Chevron's encounter with the worm was accidental – a case of the sophisticated malware running loose beyond its intended targets.
A Chevron spokeswoman told CIO Journal that the company wasn't negatively impacted by the virus.
Aviv Raff, CTO of Seculert, which specialises in cloud-based threat detection, told SC Magazine US that it is likely that other US companies have been impacted by Stuxnet and said he was not surprised that they had not come forward.
“I do think there are other companies that are keeping quiet and this is normal behaviour,” Raff said. He added that a company the size of Chevron would be a ‘reasonable' mistake given its operations, which fit the category of the malware's destructive aims.