German nuclear plant infected with computer viruses

Photo of author

By Larry Banks

A nuclear power plant located in Germany is infected with computer viruses, the station’s operator said on Tuesday. However, it claims they have not affected operations as it’s isolated from the Internet.

The Gundremmingen plant, which is 120 km norwest of Munich, is operated by the German utility company RWE. The viruses discovered included “W32.Ramnit” and “Conficker”, which were found at the B unit in a computer system added in 2008 with special software related to moving nuclear fuel rods, said RWE.

Furthermore, malware was found on 18 removable drives such as USB sticks, in office computers located away from the plant’s operating systems. RWE says it has increased its cyber-security measures as a result.

As far as the viruses are concerned, W32.Ramnit steals files from infected computers, targeting Microsoft Windows, according to Symantec. It was first discovered in 2010, and is largely distributed via data sticks. It is designed to give attackers remote control over the infected system when connected to the Internet.

Conficker is one of the most infamous computer viruses, infecting millions of Windows PCs since it was discovered in 2008. It’s able to spread by copying itself onto removable drives, says Symantec.

According to Reuters, RWE has informed Germany’s Federal Office for Information Security (BSI) which is currently investigating the incident with IT specialists.

Mikko Hypponen, who is the chief research officer for F-Secure based in Finland, said infections of such critical infrastructure is surprisingly common, but they are not usually dangerous unless the plant had been a specific target.

He also said the most common computer viruses and malware spread without much awareness of where they are. He gave an example of a European aircraft maker that says it cleans cockpits in its planes every week of malware targeting Android phones. Malware spreads to the planes because factory employees charge their phones with the USB port in the cockpit.

However because the planes run a different computer operating system, it’s unlikely it would be compromised, but can still pass on the viruses to other devices plugged into the charger.

In 2013, a virus attacked a turbine control system at a US power company, as a technician inserted an infected USB drive into the network, which led to the plant being offline for three weeks.

SOURCE: Reuters.

Images Courtesy of DepositPhotos