Malware has been found on a computer at
Gundremmingen nuclear power plant in Germany, it has been revealed. Reuters reported that RWE, the electric utilities company responsible
for operating the plant, does not consider it a threat as the infected computer
is not connected to the internet.
The malware includes Conficker, which has been described as the most virulent malware of the 2000s. At its
peak, in 2009, it is thought to have infected over 15 million computers around the world. According
to the news provider, malware was found on a computer that “was retrofitted in
2008 with data visualization software associated with equipment for moving
nuclear fuel rods”.
However, this was not a sole incident, as malware
was also discovered on 18 removable disk drives.David Harley, a senior research
fellow at ESET, said that given the number of infected removable drives
also found at the nuclear plant, “internet disconnection doesn’t in itself
guarantee that a system can’t be infected, can’t be the cause of further
infections on the site, or that a dangerous payload can’t be executed”. “It’s
possible in some circumstances for malware usually considered harmless to be
literally dangerous if it finds its way onto a critical system,” the expert
concluded.
In an official press release,
RWE said that the malware was found during “preparatory testing work”. Research from earlier this year has suggested that countries
around the world are underprepared when it comes to cyberattacks.
The third edition of the Nuclear Threat
Initiative’s (NIT) Nuclear Security Index revealed that approximately half
the countries assessed do not have a single requirement in place to protect
their nuclear facilities from this threat. “Like all critical infrastructure,
nuclear facilities are not immune to cyberattacks,” the paper highlighted in
January. “That reality is particularly worrisome, however, given the
potentially catastrophic consequences of a cyberattack on a nuclear facility.”