A computer virus has been uncovered within the Gundremmingen nuclear plant in Germany. The malware was in “Block B” at the plant, a section which, fortunately, just transports spent nuclear fuel to the warehouse. The facility spokesman swears the event did not happen in a sensitive area of the plant and that the analog systems governing the nuclear processes are protected against manipulation.
In addition, the malware was reportedly the ordinary type and did not target an industrial processes as did the infamous Stuxnet – believed to be designed by the US and Israel to damage Iran’s ability to process nuclear material . Stuxnet is the most famous case yet of using malware to damage or manipulate industrial equipment. The growing list of industrial sites where malware has been detected includes a furnace at a German steel mill and the Ukrainian energy infrastructure.
The malware appeared in an off-line portion of the Gundremmingen plant and it is not clear how the malicious code was brought in. One theory is that the malware came in on a memory stick that was used on a computer at the nuclear facility. With Stuxnet, it is widely believed that the initial infection was hidden on a USB memory stick somehow brought into the Iranian nuclear facilities.
Many modern industrial control systems use computers which are not directly connected to the Internet. But, as this case illustrates, this approach is not always sufficient, especially when employees have USB memory sticks in their pockets.
USB memory stick are a convenient way to exchange data and enliven the workplace by bringing in movies and music. As this case illustrates, they are also a security risk – for companies and for individuals. Thirty years after Chernobyl, it is a good time to remember what damage a nuclear reactor can cause.
“People just don’t think that flipping a memory stick between devices and friends is an easy way to share malware – perhaps easier then visiting an infected website,” said Sven Carlsen, head of “Disinfection Services” in the Avira Virus Lab. “It’s important to make sure that the memory stick is clean. Avira has the ability to block the autorun feature of an USB device. Criminals usually misuse autorun to put a path straight to the malware file on the stick.”
In addition, Avira also offers you the option to scan removable devices to ensure that the contents are clean.
While the scope for damage from a nuclear facility is immeasurably higher than from a home PC, the same principles of USB memory stick hygiene apply. Scan before using, and be careful about checking out that cool memory stick you found in the parking lot.