This is plausible, IMO, if their internal network is configured to disallow all incoming connections, but allows outgoing HTTP/HTTPS connections via a proxy (who can live without the Internets in this age?). You can't exploit services remotely, because the ports are being blocked, so the only strategies left is to either bring the virus into the network via USB (i.e. infect the entire country and hope that someone will bring it to the internal network), trick someone to download and install it (which is difficult when you don't know who has access to the network) or attack the actual firewall (fat chance, plus the IDS would raise red flags, assuming it could detect malicious packets). As soon as the virus gets in, it could easily make requests to a server in Texas via the proxy.