The Gundremmingen nuclear power plant in Germany operated by RWE has found to be affected by viruses “W32.Ramnit” and “Conficker” in a recent study by the station’s operator. It, however, didn’t pose any threat to the facility’s operations because it is isolated from the Internet.
As reported by RWE, the viruses were discovered at Gundremmingen’s B unit in a computer system retrofitted in 2008 with data visualisation software associated with equipment for moving nuclear fuel rods. Malware was also found on 18 removable data drives, mainly USB sticks, in office computers.
Discovered in 2010, W32.Ramnit is distributed with data sticks and is intended to give an attacker remote control over a system when it is connected to the Internet. It is designed to steal files from infected computers and targets Microsoft Windows software.
Infecting windows computers since 2008, Conficker spreads through networks and by copying itself onto removable data drives.
RWE has informed Germany’s Federal Office for Information Security (BSI), which is working with IT specialists at the group to look into the incident.