Computer data from Japanese nuclear power plant stolen using malware

In Japan, malware was discovered on 2nd January 2014 on a computer in the reactor control room at the Monju power plant. The malware seems to have stolen certain private data from the machine. The fast-breeder reactor at Monju is non-functional; after its launch in 1994, it ran for only a few months. In May 2013, the Nuclear Regulation Authority announced that it would not allow the reactor to launch again.

Japan Today reported that the attack was not complex in nature and that the computer apparently became infected when one of the employees working at the reactor was trying to update video playback software. Workers use the infected machine only for paperwork, so the malware could not have caused extensive damage. However, important emails, training records and the employee database might have been compromised and stolen by cybercriminals. According to Enformable, more than 42,000 documents were stored on the machine.

The malware communicated with a South Korean server. After the worker completed the video program update, the infected computer was used more than 30 times over a period of five days.

Though the incident bears no similarity to a Stuxnet-style cyber attack, professionals in the field have made a few interesting comments about the state of cyber security at the Japanese power reactor. John Hawes, who works with Virus Bulletin, wrote the following on Sophos’ blog:

“In any business setting, software should only be running if it is approved and maintained by IT staff, who should keep a close eye on any updates to make sure they don’t include any connecting-repeatedly-to-somewhere-they-shouldn’t components. This applies to all machines, however non-mission-critical they may be. And even if your nuclear plant isn’t running at full speed, you can’t just put your feet up and ignore safety matters, Homer Simpson style. There’s going to be all kinds of dangerous material around that needs to be properly monitored and maintained, so your IT setup still needs to be held up to higher standards than most businesses.” 
