Malware Stole Data from Computer at Japanese Nuclear Power Plant
An employee downloaded a rogue video playback program
On the second day of 2014, a piece of malware was identified on a computer in the reactor control room at the Monju nuclear power plant. The threat is said to have stolen private information from the infected machine.The Monju fast-breeder reactor is not operational. In fact, it only operated for a few months after it was launched in April 1994. Some attempts have been made to restart it, but in May last year, the Nuclear Regulation Authority announced its official decision to prohibit its restart.
The infection on one of the facility’s computers isn’t part of a sophisticated cyberattack. Instead, it appears that one of the facility’s employees wanted to update a video playback program, Japan Today reported.
Since the computer is used by workers to file paperwork, the damage that a piece of malware could have caused is limited. However, the cybercriminals controlling the malware could have stolen sensitive documents, including emails, training records and employee data sheets.
Enformable reported that over 42,000 documents were stored on the device.
As far as the malware is concerned, it apparently communicated with a server in South Korea. The infected device was accessed more than 30 times during a five-day period after the worker performed the video software update.
While this clearly isn’t a Stuxnet-style attack, experts make an interesting point regarding cyber security at the Japanese nuclear power plant.
“In any business setting, software should only be running if it is approved and maintained by IT staff, who should keep a close eye on any updates to make sure they don't include any connecting-repeatedly-to-somewhere-they-shouldn't components. This applies to all machines, however non-mission-critical they may be,” Virus Bulletin’s John Hawes noted on Sophos’ blog.
“And even if your nuclear plant isn't running at full speed, you can't just put your feet up and ignore safety matters, Homer Simpson style. There's going to be all kinds of dangerous material around that needs to be properly monitored and maintained, so your IT setup still needs to be held up to higher standards than most businesses,” he added.