A number of computer viruses have infected a nuclear power plant in Germany, but were unable to pose a threat to its operations since the facility is not connected to the Internet.
The Gundremmingen Plant – which is run by the German utility RWE – is located 120 km north-west of Munich.
The computer viruses were discovered in the plant’s B unit on a system that was retrofitted in 2008 with data visualisation software that works alongside the equipment used to move nuclear fuel rods. The ‘W32.Ramnit’ and ‘Conficker’ viruses, among others, were discovered on the computer.
W32.Ramnit is a virus built for the sole purpose of stealing files from an infected computer. It primarily targets Microsoft Windows and was discovered in 2010. The virus is distributed through USB flash drives and its aim is to allow an attacker to gain remote control over an Internet connected system.
The Conficker virus was identified in 2008 and has since infected millions of Windows computers globally. It is spread through networks and once it moves to a system it copies itself onto flash drives which allows systems infected with the virus to continue to spread it in the physical world.
Along with these viruses, 18 removable data drives, some of which were USB flash drives, were also found to contain malware. These devices were found on office computers that were maintained separately and not connected to the plant’s operating systems.
After the discovery of viruses at the Gundremmingen Plant, RWE increased cyber security measures and informed Germany’s Federal Office for Information Security (BSI). Currently, the utility is working with IT specialists from the government to further investigate the incident.