You could loose sleep over this.
1] Slammer first occurred around august 2002 - Why was protection NOT in place.
2] What is the point in implementing an onion (layered) based security policy using ACL's on routers, firewalls, and other related security only to allow some contractor to circumvent the security. Whoever was responsible for that decision was a cretin of mammoth proportions.
3] Critical networks such as this SHOULD NOT be connected IN ANY WAY to the internet or any other live network regardless. This is NOT rocket science it is COMMON SENSE. Hell it's not like a nuclear power station is dangerous or anything!
4] What other implications does this have? e.g. if a virus such as slammer can work it's way into a system such as this, can a hacker or how about Al Quida.
5] How is it that the technical people did not know that there was a patch available for the problem SIX months prior to their infection. These aren't engineers they are $MS idiots, and their obvious professional incompetence could have caused a major disaster.
6] Who was the person (I use that term, I am not thinking that) responsible for the decision to utilize $MS Windows in a critical system such as this. Who ever it was is a fool of huge proportions.
Someone at the top needs to get a grip before a minor virus written by some script kiddy causes a nuclear reactor to go China syndrome.
Who is the more foolish, the fool or the fool who follows the fool.
Sime