Malware, Vulnerability Management

Malware in nuclear power plant prompts plant shutdown

Malware discovered at a nuclear power plant in Germany raised concerns public concerns and prompted the German electric utilities company RWE AG to shut down the power plant as a precaution. The malicious code was discovered in the IT network that affects the fuel loading system in block B of the Gundremmingen nuclear power plant in Bavaria.

In a statement, the power plant Kernakraftwerk Gundremmingen GmbH (KGG) noted that the technical components used for system controls are detached from the Internet. “All sensitive plant areas are decoupled and designed on a redundant and protected against manipulation,” the release stated. “A hazard to personnel, the environment or the system was not involved.”

“This is a fantastic example of where the Internet of Things, as well as BYOD adoption, without the consideration of security has created a huge risk to organizations. Almost every person who walks around today has a USB stick, or a device which can be turned into a removable drive,” wrote Alex Cruz Farmer, VP of Cloud Services at NSFOCUS, in an email to “The saving grace here is that the German power plants were isolated from the internet.”

The malware is not capable of altering the power plant's operations, the company stated. Block B of the nuclear power plant was built in 1984 and the affected IT system was retrofitted in 2008.

The malware was linked to the Ramnit banking trojan and the Conficker worm, according to Softpedia, citing German media reports.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.