Malware discovered at a nuclear power plant in Germany raised concerns public concerns and prompted the German electric utilities company RWE AG to shut down the power plant as a precaution. The malicious code was discovered in the IT network that affects the fuel loading system in block B of the Gundremmingen nuclear power plant in Bavaria.
In a statement, the power plant Kernakraftwerk Gundremmingen GmbH (KGG) noted that the technical components used for system controls are detached from the internet. “All sensitive plant areas are decoupled and designed on a redundant and protected against manipulation. A hazard to personnel, the environment or the system was not involved.”
Alex Cruz Farmer, VP of cloud services at NSFOCUS, in an email to SCMagazine.com, wrote: “This is a fantastic example of where the Internet of Things, as well as BYOD adoption, without the consideration of security has created a huge risk to organisations. Almost every person who walks around today has a USB stick, or a device which can be turned into a removable drive. The saving grace here is that the German power plants were isolated from the internet.”
The malware is not capable of altering the power plant's operations, the company stated. Block B of the nuclear power plant was built in 1984 and the affected IT system was retrofitted in 2008.
The malware was linked to the Ramnit banking trojan and the Conficker worm, according to Softpedia, citing German media reports.