German Nuclear Power Plant Infected With Viruses

This post is also available in: עברית (Hebrew)

The Gundremmingen nuclear power plant in Germany was infected with computer viruses, the BBC reports. The viruses were found on personal office computers and, most worryingly, in a system used to “model the movement of nuclear fuel rods.”

RWE, the firm responsible for the plant, says the plant was not in any serious danger from the infection, as these system were isolated from the wider internet and so the virus couldn’t be activated. But the very fact of the infection raises serious questions about the security of critical infrastructure.

German federal investigators are now trying to determine how exactly the plant became infected. The investigators have more than 1,000 computers to check after the infection was located on the fuel rod modelling system and on “18 USB sticks used as removable data stores on office computers.”

The virus was discovered when staff were preparing computer systems for a planned upgrade in a section that is currently offline and not producing power.

RWE says that no systems directly involved with control of the nuclear reactors were affected and there was no danger to the public.

“All sensitive plant areas are decoupled and designed with redundancy and protected against manipulation,” RWE said in a statement.

The infamous Conficker that wreaked havoc on the world’s computers from 2008 was one of the viruses, as well as the W32.Ramnit. Both of these are used to steal data and security credentials. Because the systems were isolated from the internet the viruses weren’t able to activate and transmit stolen data, RWE said.

Power plants and other critical infrastructure installations often get infected by viruses, said Mikko Hypponen, chief research officer at F-Secure. Usually, such infections cause little damage, he added.

For more details and registration click here.