German nuclear plant uncovers malware throughout its systems

But risk is minimal as infection unable to get into control network

A German power plant has admitted it has uncovered numerous malware infection in its core systems.

A report on Reuters said that the Gundremmingen power plant, run by the German utility RWE, was found to have several instances of malware within its systems. However, these are not connected to its main operating systems, reducing the risk of any serious incident from the infection.

The malware includes the W32.Ramnit and Conficker worms, which were said to have been introduced to the plant during the retrofit of data visualisation software associated with equipment for moving nuclear fuel rods that took place in 2008.

Additionally, malware was also found on 18 USB sticks and other removable drives in computers that were also not connected to the plant's main operating systems.

RWE said it had increased cyber-security measures as a result of the findings and told Germany's Federal Office for Information Security (BSI) about the incident.

A spokesperson speaking to the IBTimes said: "Systems that control the nuclear process are analog thus isolated from cyber threats. These systems are designed with security features that protect them against manipulation."

While the threat may sound scary the fact the systems are not connected to other networks within the facility means the risk is minimal.

Furthermore, given the fact the malware has been there so long and apparently dormant, it appears it likely ended up in the system by mistake, rather than through malicious intent, so the power plant was not under attack at some point.

Nevertheless, it underlines the risk of malware finding its way into all areas of computer systems, even in supposedly highly secure systems.