ICS vendors such as Siemens and Hitachi have myriad different operations and the fact that a Trojan program was found on one of their many systems may be insignificant, he said.

The real threat would be if Duqu was being used to go after specific customer implementation information from these vendors, he said.

For instance companies like GE often require that ICS customers maintain remote connectivity for support purposes, he said. It would be a "huge deal" If Duqu was used to go after information related to the remote support, Peterson said. "But at this point we have absolutely no evidence of who it targeting or what it is targeting.

"Right now I am skeptical it has anything to do with control system," but that could change if enough information becomes available, he added.

Meanwhile, a little known Hungarian lab called the