German Nuclear Plant Infected With Computer Virus

archatheist shares a Reuters report: A nuclear power plant in Germany has been found to be infected with computer viruses, but they appear not to have posed a threat to the facility's operations because it is isolated from the Internet, the station's operator said on Tuesday. The Gundremmingen plant, located about 120 km (75 miles) northwest of Munich, is run by the German utility RWE. The viruses, which include "W32.Ramnit" and "Conficker", were discovered at Gundremmingen's B unit in a computer system retrofitted in 2008 with data visualization software associated with equipment for moving nuclear fuel rods, RWE said.

Re:Conficker???

[EndlessNameless]

The systems were setup in 2008. They probably do run Windows XP.

And don't forget that most industrial control systems are not modified after installation. Vendors are notoriously reluctant to support any changes at all, including basic OS updates.

My employer has equipment connected to unpatched XP SP1 systems because the vendor won't support anything else, and the organization is not willing to spend $200K+ to replace machines that are doing their jobs.

They are standalone systems because of issues exactly like this one. If someone took an infected file over, it would be a long time before we noticed. There is no value in traditional antivirus without signature updates---which might be a consideration if the vendor supported it with antivirus in the first place.

This is what a lack of competition looks like. They don't have to support basic security measures because there are only one or two other companies in the world that make comparable equipment, and they offer the same level of support. So our security is screwed until the government decides to regulate it.

And nevermind all the man-hours we waste doing data transfers to/from these systems. That's just a cost of doing business.