Dynamic state estimation in power systems plays a central role in controlling the system operations. State estimation, however, is vulnerable to malicious cyber attacks that contaminate the controller's observation through injecting false data into the system. It is, therefore, of paramount significance not only to detect the attacks, but also to recover the system state from the contaminated observation when an attack is deemed to be present. This paper offers a distributed framework for an optimal such joint attack detection and system recovery. This framework has two main features: 1) it provides the network operator with the freedom of striking any desired balance between attack detection and state recovery accuracies, and 2) it is distributed in the sense that different controlling agents distributed across the network carry out the attack detection and system recovery tasks through iterative local processing and message passing.