Nuclear power plant near Munich attacked by two viruses

28 Apr 2016

Gundremmingen nuclear power plant

A nuclear power plant in Gundremmingen in Germany has been infected with multiple viruses that could potentially enable hackers to access its systems remotely.

German power firm RWE said that the infection caused no threat to the plant because its control systems were not actually connected to the internet.

But that doesn’t fully explain how the plant became infected.

The viruses are understood to have been found on the fuel rod modelling system and on 18 USB sticks used as removable data sticks.

Data breach raises fears of terrorist attack

German federal cyber investigators are analysing how the plant’s systems became infected.

In a statement, RWE said that the affected IT system, which was retrofitted in 2008 for data processing and visualisation, is part of the fuel assembly loading machine.

The malware W32.Ramnit and Conficker were found on 18 removable drives.

According to RWE, more than 1,000 computers systems have been analysed and it is understood that no system that would compromise safety was infected.

“A hazard to personnel, the environment or the system was not involved,” RWE said.

How the data sticks found their way inside the plant is being investigated by police and RWE itself and one theory is they could have been found by workers and brought inside to be used in conjunction with their work.

In these times of heightened fears of attacks, especially in the aftermath of the Paris and Brussels attacks, it would be hard to rule out potential terrorist involvement.

Gundremmingen nuclear power plant is approximately 124km away from Munich, a city with a population of 1.3m people.

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years

editorial@siliconrepublic.com