Malware has been found on a computer at Gundremmingen nuclear power plant in Germany, it has been revealed. RWE states that it is not considered a threat as the infected computer is not connected to the internet.
Malware has been found on a computer at Gundremmingen nuclear power plant in Germany, it has been revealed.
Reuters reported that RWE, the electric utilities company responsible for operating the plant, does not consider it a threat as the infected computer is not connected to the internet.
The malware includes Conficker, which has been described as the most virulent malware of the 2000s.
At its peak, in 2009, it is thought to have infected over 15 million computers around the world.
According to the news provider, malware was found on a computer that “was retrofitted in 2008 with data visualization software associated with equipment for moving nuclear fuel rods”.
However, this was not a sole incident, as malware was also discovered on 18 removeable disk drives.
David Harley, a senior research fellow at ESET, said that given the number of infected removable drives also found at the nuclear plant, “internet disconnection doesn’t in itself guarantee that a system can’t be infected, can’t be the cause of further infections on the site, or that a dangerous payload can’t be executed”.
“It’s possible in some circumstances for malware usually considered harmless to be literally dangerous if it finds its way onto a critical system,” the expert concluded.
In an official press release, RWE said that the malware was found during “preparatory testing work”.
Research from earlier this year has suggested that countries around the world are underprepared when it comes to cyberattacks.
The third edition of the Nuclear Threat Initiative’s (NIT) Nuclear Security Index revealed that approximately half the countries assessed do not have a single requirement in place to protect their nuclear facilities from this threat.
“Like all critical infrastructure, nuclear facilities are not immune to cyberattacks,” the paper highlighted in January.
“That reality is particularly worrisome, however, given the potentially catastrophic consequences of a cyberattack on a nuclear facility.”