German Nuclear Plant Infected With Viruses

Uploaded on 2018-06-26 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Production-Utilities, BUSINESS-Production-Energy

A nuclear power plant in Germany has been found to be infected with computer viruses, but they appear not to have posed a threat to the facility’s operations because it is isolated from the Internet, the station’s operator said. The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE 

The viruses, which include “W32.Ramnit” and “Conficker”, were discovered at Gundremmingen’s B unit in a computer system retrofitted in 2008 with data visualization software associated with equipment for moving nuclear fuel rods, RWE said. Malware was also found on 18 removable data drives, mainly USB sticks, in office computers maintained separately from the plant’s operating systems. RWE said it had increased cybersecurity measures as a result. 

W32.Ramnit is designed to steal files from infected computers and targets Microsoft Windows software, according to the security firm Symantec. First discovered in 2010, it is distributed through data sticks, among other methods, and is intended to give an attacker remote control over a system when it is connected to the Internet. 

Conficker has infected millions of Windows computers worldwide since it first came to light in 2008. It is able to spread through networks and by copying itself onto removable data drives, Symantec said. 

RWE has informed Germany’s Federal Office for Information Security (BSI), which is working with IT specialists at the group to look into the incident.  

Mikko Hypponen, chief research officer for Finland-based F-Secure, said that infections of critical infrastructure were surprisingly common, but that they were generally not dangerous unless the plant had been targeted specifically. The most common viruses spread without much awareness of where they are, he said. 

As an example, Hypponen said he had recently spoken to a European aircraft maker that said it cleans the cockpits of its planes every week of malware designed for Android phones.

The malware spread to the planes only because factory employees were charging their phones with the USB port in the cockpit. 

Because the plane runs a different operating system, nothing would befall it. But it would pass the virus on to other devices that plugged into the charger. 

In 2013, a computer virus attacked a turbine control system at a US power company after a technician inserted an infected USB computer drive into the network, keeping a plant off line for three weeks. 

After Japan’s Fukushima nuclear disaster five years ago, concern in Germany over the safety of nuclear power triggered a decision by the government to speed up the shutdown of nuclear plants. Tuesday 19th June was the 30th anniversary of the Chernobyl nuclear disaster.

Reuters

You Might Also Read: 

Hackers Attempt To Penetrate US Nuclear Plants:

Hackers Extort  S. Korea for Data on Nuclear Plants:

 

« BMW Cars Can He Hacked
Chinese Hack Breached US Satellites »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Spirion

Spirion

Spirion offers data discovery, classification, and protection tools for your business's privacy, security, and compliance program to avoid gaps and risks.

Venable

Venable

Venable is an American Lawyer 100 law firm with nine offices across the USA, Practice areas include Cybersecurity.

Seceon

Seceon

Seceon OTM, is a cyber security advanced threat management platform that visualizes, detects, and eliminates threats in real time.

Wind River

Wind River

Wind River delivers the technology and expertise that enables the deployment of safe, secure, and reliable intelligent connected systems.

_cyel

_cyel

_cyel is introducing a new cybersecurity strategy: not a new generation of patches and firewalls, but moving target security – we take away the targets. Without replacing your existing system.

Aptible

Aptible

Security Management and Compliance for Developers. Aptible helps teams pass information security audits and deploy audit-ready apps and databases.

Pixalate

Pixalate

Pixalate is an omni-channel fraud intelligence company that works with brands and platforms to prevent invalid traffic and improve ad inventory quality.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Euro-Recycling

Euro-Recycling

Euro-Recycling is a leading UK provider of Secure On-Site Data Media Destruction Services.

Arkose Labs

Arkose Labs

Arkose Labs' Fraud and Abuse Platform combines Telemetry and adaptive Enforcement Challenges to break down the ROI of fraudsters and protect digital businesses.

Venkon

Venkon

Venkon provides effective and unique solutions to cyber-security threats and IT compliance requirements of your organization.

Netography

Netography

Netography provides a scalable and reliable platform for detection & remediation of cyber threats found on your network.

Veratad Technologies

Veratad Technologies

Veratad Technologies, LLC is a world class provider of online/real-time Identity Verification, Age Verification, Fraud Prevention and Compliance Solutions.

Innefu Labs

Innefu Labs

Innefu is an Information Security R&D startup, providing cutting edge Information Security & Data Analytics solutions.

Avalor

Avalor

Avalor are on a mission to help security teams make faster, more accurate decisions by making sense of their data. With Avalor you can bring in data from anywhere, normalize it and analyze it.

Emantra

Emantra

Emantra specialises in the enablement of Secure Cloud services through it’s comprehensive Sovereign Cloud Hosting, Secure Access Service Edge, and managed services.