The Gundremmingen plant, located about 120 km northwest of Munich, is run by the German utility RWE which is not too worried becasue the plant is not connected to the internet.
The viruses, which include “W32.Ramnit” and “Conficker”, were discovered at Gundremmingen’s B unit in a computer system retrofitted in 2008 with data visualization software associated with equipment for moving nuclear fuel rods, RWE said.
Malware was also found on 18 removable data drives, mainly USB sticks, in office computers maintained separately from the plant’s operating systems. RWE said it has increased cyber security measures.
W32.Ramnit is designed to steal files from infected computers and targets Windows . It is nearly six years old and is distributed through data sticks, among other methods, and is intended to give an attacker remote control over a system when it is connected to the Internet.
Conficker has been around since 2008. It is able to spread through networks and by copying itself onto removable data drives, Symantec said.
RWE said it has informed Germany’s Federal Office for Information Security (BSI), which is working with IT specialists at the group to look into the incident.
Tuesday was the 30th anniversary of the Chernobyl nuclear disaster – just saying.