Categories: MalwareSecurity

Malware based attack hit Japanese Monju Nuclear Power Plant

IT administrator at Monju Nuclear Power Plant discovered that a malware-based attack infected a system in the reactor control room.

On January 2nd one of the eight computers in the control room at Monju Nuclear Power Plant was compromised. An IT administrator has discovered that the system in the reactor control room had been accessed over 30 times in the last five days after an employee updated a free application on one of the machines in the plant.

First information available on the incident confirms that more than 42,000 e-mails and staff training reports were available on the compromised system at the nuclear power plant.

Security experts that investigate on the incident concluded that it is a malware-based attack, a possible vector of the infection could be a software update on the compromised machine, the malicious code has stolen some data sending it to a Command & Control server located in South Korea according tp the network logs on out-bound traffic.

 

 

In November, Japan’s Nuclear Regulation Authority informed the Japan Atomic Energy Agency that anti-terrorism measures adopted  at the Monju Nuclear Power Plant were not adequate.  According to the Regulation Authority, the Japan Atomic Energy Agency is violating security guidelines and is not adopting best practices to ensure the protection of nuclear materials from terrorists and other attacks, including cyber offensives.

The recent incident to the Japan Atomic Energy Agency is not an isolated event, in November of 2012 a computer at the JAEA headquarters at Tokaimura was also infected by a malware.

The Japan Atomic Energy Agency has informed that it is still investigating on the attack, it is fundamental to discover the exact infection process and the nature and volume of the data stolen during the network intrusion.

Nuclear power plants are critical infrastructure, their security is one of the main concerns for every government, consider also that protection of critical systems is a shared responsibility. An incident to a nuclear facility could have a significant environmental impact that affects the overall ecosystem of the planet.

Security of critical infrastructure is a shared goal that could be achieved with a joint effort of governments, private entities and thr population itself. Security awareness, adoption of security best practices, implementation of proper security solutions and sharing of information on incidents are fundamental principles to reach a good compromise between security and cost to sustain to ensure the protection of infrastructures.

Security is a must!

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  Monju Nuclear Power Plant, malware)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco warns of password-spraying attacks targeting Secure Firewall devices

Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services…

2 hours ago

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Hot Topic suffered credential stuffing attacks that exposed customers' personal information and partial payment data.…

6 hours ago

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

20 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

1 day ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

2 days ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

2 days ago

This website uses cookies.