Shocking, a German nuclear plant suffered a disruptive cyber attack

A German nuclear plant suffered a disruptive cyber attack, the news was publicly confirmed by the IAEA Director Yukiya Amano.

According to the head of the United Nations nuclear watchdog, the International Atomic Energy Agency (IAEA) Director Yukiya Amano, a nuclear power plant in Germany was hit by a “disruptive” cyber attack two to three years ago.

“This issue of cyber attacks on nuclear-related facilities or activities should be taken very seriously. We never know if we know everything or if it’s the tip of the iceberg.” Amano told Reuters Agency.

“This is not an imaginary risk,” added Amano who also participated in a meeting with Foreign Minister Frank-Walter Steinmeier.

Amano confirmed that cyber attacks on nuclear plants are a serious threat, he did not provide further details of either incident.

Fortunately, the damages caused by the cyber attack on the German nuclear plant did not force the operators to shut down its processes but urged the adoption of additional precautionary measures.

“This actually happened and it caused some problems,” he said. “[the Germant plant] needed to take some precautionary measures.”

Amano added that is is the first time that the attack is discussed in public, he also reported a case in which an individual tried to smuggle a small amount of highly enriched uranium with the intent to build a so-called “dirty bomb.”

Be careful the attack was disruptive, not destructive, and believe me there is a substantial difference. The term disruptive refer a category cyber attacks that are able to destroy internal computer systems without causing the complete destruction of the plant. Examples of disruptive attacks are the attacks against Sony Pictures Entertainment and Stuxnet.

This isn’t the first time that we receive the news of cyber attacks on nuclear plants  There are three publically known attacks against nuclear plants:

• Monju NPP (Japan 2014)
• Korea Hydro and Nuclear Power plant (S.Korea 2014)
• Gundremmingen NPP (Germany 2016).

It is likely that Amano was referring the cyber attack against the  Gundremmingen nuclear plant that occurred earlier this year. Security experts in that case, detected Conficker and Ramnit malware.

Security experts are aware of the possibility that hackers could cause serious problems to nuclear plants worldwide.

According to a report released in March, Germany is not adequately equipped to prevent terrorist attacks in its nuclear plants.

The report was presented by Oda Becker, an independent expert on nuclear plants.

This is of course extremely distressing, especially in the light of the recent tragic events in Belgium with substantial casualties.

The report was brought to public attention at the German Federation for the Environment and Nature Conservation (BUND) Congress, where concerns were expressed towards protecting citizens from catastrophic consequences of another terrorist attack.

 

Amano explained that the UN agency was supporting countries to improve the resilience of their infrastructure to cyber attacks with a series of measures.

“Amano said the U.N. agency was helping countries increase cyber and overall nuclear security through training and a detailed database that included information from 131 countries, and by providing them with radiation detection devices.” reported the Reuters.

“Since 2010, the IAEA said it had trained over 10,000 people in nuclear security, including police and border guards, and has given countries more than 3,000 mobile phone-sized instruments for detecting nuclear and other radioactive material.”

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – nuclear plant, malware)