“The Department of Homeland Security (DHS) Control Systems Security Program manages and operates the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) to provide focused operational capabilities for defense of control system environments against emerging cyber threats…This report provides a summary of cyber incidents, onsite deployments, and associated findings from the time ICS-CERT was established in 2009 through the end of 2011..The most common infection vector for network intrusion was spear-phishing emails with malicious links or attachments. Spear-phishing accounted for 7 out of 17 incidents. At least one incident involved an infection from a removable USB device.”