April 27, 2016– A German nuclear power plant located near the city of Munich has been found to have several strains of malware, some as old as Conficker (of the year 2008 vintage). There was a bunch of other malware as well, including remote access trojans, worms, file stealers and more! The system was not connected to the internet, so it is one more example of industrial control systems that can get infected without being connected to anything online. This was accidentally discovered by employees of the electrical utility RWE of Germany.
Not only this, they found other malware on as many as 18 USB removable storage devices. Fortunately, the incident did not affect the Gundremmingen Nuclear Power plant safety or operations, as the malware was targeted towards financial systems. However apparently, RWE has reported to Federal Office for Information Security to investigate how the malware could enter the system.
In our opinion, for Industrial Control Systems or Safety Instrumented Systems the USB connections to the computers on such systems should be physically secured, to prevent such incidents.
More information can be found at Arstechnica here.