German Nuclear Plant Infected With Computer Virus

archatheist shares a Reuters report: A nuclear power plant in Germany has been found to be infected with computer viruses, but they appear not to have posed a threat to the facility's operations because it is isolated from the Internet, the station's operator said on Tuesday. The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE. The viruses, which include "W32.Ramnit" and "Conficker", were discovered at Gundremmingen's B unit in a computer system retrofitted in 2008 with data visualization software associated with equipment for moving nuclear fuel rods, RWE said.
  • Smart move! Gives a whole new meaning to the phrase "Blue Screen of Death", doesn't it? Doesn't the Windows license specifically say it shouldn't be used for nuclear plants?
    • I thought they still ran on OS/2
    by npslider

      Windows machines are world famous for both stability and security. Over a billion devices can't be wrong!

    • I think green or red is the right color there.

    by thegarbz

      Windows doesn't run nuclear power plants. Windows displays an HMI that allows operators to interact with a specific control system with specifically custom coded control routines which run nuclear power plants. Nothing against that in the license.

      Now that that misconception is out of the way, please tell me what I should run instead of Windows, then tell me which manufacturer of industrial control systems offers such a product. Every major manufacturer of industrial control systems switched to Windows many years ago for their HMIs, more recently even back end servers have switched to Windows too.

      • by Anonymous Coward

        Because when you spend hundreds of millions of dollars on a plant like this you have no leverage over the suppliers at all?

        • Yep exactly. You and the power industry would like to think otherwise, but control systems even Nuclear 1E certified systems are almost commodity and are just standard industrial control systems with a piece of paper attached from the school of thought of making one device that does everything is cheaper.

          The nuclear industry doesn't have leverage. Heck downstream oil/gas doesn't have leverage. These are markets that aren't dominated but are outright owned by chemical / upstream. Unless you place an order of

      • > Windows doesn't run nuclear power plants. Windows displays a HMI

        > more recently even back end servers have switched to Windows too.

        Have your cake and eat it too?

    by RobinH
      I work in the automation industry. PC-based control is very common now, and is increasing in popularity, and yes you have to firewall those systems off from the network, or air-gap them, depending on the threat model. However, even an air-gapped control system needs to have maintenance people move files on and off of it. In the typical PLC-based system there's typically a laptop with the programming software on it which you have to hook up to the PLC to program, debug, troubleshoot, etc. The fact is, a PC-based control system sometimes has advantages because the PC has the programming software on it and doesn't leave the controlled area. Still, people want to copy files, so you have to defend air-gapped systems anyway. It's a tough problem, and one that the major control system manufacturers aren't providing any assistance to help us solve either. Remember, most controls people have electrical/mechanical engineering degrees. In a large plant it should be IT's job to come up with security procedures as the automation people just aren't qualified.
      • I don't disagree with what you say but IT has shown to not be qualified in the past too. Well not all IT but certainly some working in it. I have walked in behind people and saw servers wide open to the internet with no root password, little to no attempt at disabling unused services or closing unused ports, no virus protections, and enough IE popup windows open that it creates a 10 minute delay on the desktop trying to access anything. Of course I was called in because they had enough of restarting the

    • You called for it:

      Windows NT crashed.
      I am the Blue Screen of Death.
      No one hears your screams.

      - Peter Rothman

  • I must ask...

    Were they falsifying power-plant emissions?

    • Only for the diesel power plants...
    • by Anonymous Coward

      Most of the manufacturers caught manipulating emissions so far were not German...

  • No. No. No. (Score:5, Insightful)

    by LWATCDR

    "As an example, Hypponen said he had recently spoken to a European aircraft maker that said it cleans the cockpits of its planes every week of malware designed for Android phones. The malware spread to the planes only because factory employees were charging their phones with the USB port in the cockpit.

    Because the plane runs a different operating system, nothing would befall it. But it would pass the virus on to other devices that plugged into the charger."

    Okay for a system to spread a virus it must execute code...
    So does this mean that F_Protect have no idea what they are doing or are they just spreading FUD?

    • by AmiMoJo ( 196126 )

      It depends what the aircraft USB ports are configured as. Rather than acting as hosts, they might be acting as mass storage or MTP. Ideal for uploading updates to flight and navigation data.

      Having said that, it does sound suspicious. Android malware is pretty rare and since most people don't root their phones or enable unknown sources, and Google is proactive about deleting it.

      And you would think anyone with access to aircraft systems could control the urge to charge too.

      • by LWATCDR ( 28044 )

        Then your Android phone must support OTG and the next device that you plug in that gets infected must also support OTG and for some really odd reason copy the file from mass storage all on its own and run it.
        In other words?

  • The proposition "not to have posed a threat" does not seem to follow from the combination of "found to be infected" and "isolated from the Internet".

    Were the computers isolated from the control board of the nuclear power station? That's the important question.

    • Re: (Score:2, Informative)

      by Anonymous Coward

      Yes, the fuel transfer equipment is basically cranes and such to move the fuel in and out of the plant and into spent fuel pools. It has nothing to do with the control board which controls the reactor.

      • Oh, thank god, I mean, it's not like you could use the cranes that move fuel in and out of the plant to cause any havoc with radioactive material, right?

  • Is there anything more that has to be said?
  • By any chance would this 'computer Virus' only work on Microsoft Windows running on Intel based hardware?

