Posted on 04/27/2016 5:23:25 AM PDT by sheikdetailfeather
Gundremmingen plant in southern Germany was found to be riddled with computer viruses, including those which would allow attackers remote access to equipment for moving nuclear fuel rods.
Viruses, known as W32.Ramnit and Conficker, were discovered at the plant, which is located 75 miles northwest of Munich.
W32.Ramnit has the potential to give an attacker remote control over a system when it is connected to the internet and is also designed to steal files from infected computers.
The virus could be used by groups such as Islamic State to obtain nuclear secrets, bringing them one step closer to building a radioactive bomb.
However, officials said the plant was isolated from the internet and was therefore not vulnerable to attackers gaining remote access.
Fears of an ISIS-inspired nuclear attack have grown in recent weeks after terrorists involved in the Brussels attack were found to be monitoring an official in charge of a Belgian nuclear plant.
(Excerpt) Read more at express.co.uk ...
Somebody needs to do something about those tech savvy Amish.
Bookmark for later.
Rules I would enforce if building a nuke power plant:
No internet allowed. Not even wired into the building. Faraday cage construction to prevent wireless.
Lots of analog controllers.
Copper two strand phones only
There are ways people...
So now that it has been released in the news will an attack now be imminent, before they have time to eliminate the viruses? Hopefully they have cleansed the computer and this is to encourage the hackers to move forward so they can determine where the attackers are located.
No jump drives would be a good addition. My guess is that the plant runs on Siemens systems. Very prone to virus attacks - think Stuxnet.
WHY would such control systems even be linked to the Internet? Seriously, what kind of stupid do you have to be to not put the control software on an isolated system, with single point interface capability (no USB connections at every station)?
That is only just marginally good news. If it is isolated, then you have to ask yourself: how did these viruses get introduced onto the systems?
Surely there is a prohibition against running unauthorized software (e.g., personal software, etc.). Should be only software approved and installed by IT. There should be a prohibition against any removable media - that's how bad things get in and sensitive data leaks out.
So the fact that these viruses are on the systems tells me there has been a serious breach of security. Uncontrolled removable media has been on the systems. Unauthorized software has been run on the systems. There should be a thorough security review of every single person at that plant. It's not a question of if they've been compromised, only how badly.
Interesting word for Germans.
I was very surprised to learn that the control systems were internet-accessible (even indirectly). Based on a presentation by an information security guy at a conference years ago, nuke plants generally have a wired-only network anyway due to the thickness of, and amount of steel reinforcement in, most interior walls. They generally don’t have much access to the internet at all, and the control systems aren’t (or weren’t) usually network-accessible. My guess is that the German plant *used* to be this way, but over time they started integrating the control systems for automation purposes, and somewhere along the line they didn’t account for the security side.
What’s really bad about this particular breach is that both of the malwares involved are OLD. Ramnit goes back to 2010, and Conficker dates to 2008. Both of these should have long since been “solved” as security threats. This means that the plant was running very old unpatched systems. As with most network-accessible medical devices, the control systems at a nuke plant are probably not the kind of thing that can be upgraded or patched easily because you have to be sure the patch or upgrade won’t change the way the system works. That’s a Bad Thing(tm) when you connect them to the internet even with strong defenses around them.
Well if there is an attack, better the Europeans than us.
Tons of companies here in the US allow Internet access to major systems in plants and I never understand how people can be so dumb. What I have learned being in IT for the last 15 years is that no level of security or encryption will stop a dumb employee who is careless. These viruses got there because employees were “clicky” on their laptops/tablets so they could feel cool being mobile.
The unfortunate thing is many of the really dumb clicky people are also the same ones with lots of power and influence in your organization so it’s either let them have the ability or you get fired and they find someone who will.
Good start...you left out all-tube electronics.
And no muslims in the plant.
This worm originally targeted users of social networking websites like Facebook, Skype, Yahoo Messenger, and email services such as GMail, Yahoo Mail, and AOL Mail. It also targets other networking websites such as MySpace, LinkedIn and Twitter and can infect other devices on the infected computer's Local network. This infection allows an attacker to access users' personal information such as banking information, credit card numbers, usernames & passwords by using a Keylogger. Some versions of Conficker add the infected PC to a Botnet to perform illegal activities such as a DDoS attack without the user's knowledge.
Nuclear plant & MS Windows OS? Insane.
Why are these control units connected to the Internet? That seems incredibly STUPID.
Krauts better HTFU and do what needs to be done or they’re toast.
Nuclear Plants should NOT be connected to the internet. How many ‘hints’ do we need?
Just look at the US Government Office of Personnel Management who gave away the PII of everyone with a clearance in the US government to the Chinese.