{
	"id": "3a5ddfc6-5775-4ea6-b939-742451d1a3a7",
	"created_at": "2026-04-06T00:21:17.659368Z",
	"updated_at": "2026-04-10T03:21:27.816404Z",
	"deleted_at": null,
	"sha1_hash": "f911ecbfca5fe3ac27ed86c9729f5ae5d2aa0f29",
	"title": "Multiple Computer Viruses Have Been Discovered in This German Nuclear Plant",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 490731,
	"plain_text": "Multiple Computer Viruses Have Been Discovered in This German\r\nNuclear Plant\r\nBy Peter Dockrill\r\nPublished: 2016-04-28 · Archived: 2026-04-05 14:34:02 UTC\r\nMarkus Gann/Shutterstock.com\r\nThe potential dangers of USB sticks when it comes to transporting computer viruses are well known, but even\r\nworkers in highly sensitive environments like nuclear facilities can't always seem to prevent themselves from\r\nexposing their PCs to malware.\r\nThe operators of the Gundremmingen nuclear power plant in Germany announced this week that the station has\r\nbeen infected with numerous computer viruses during a routine inspection on the weekend.\r\nMalware was detected on a computer installed with data visualisation software used in conjunction with the plant's\r\nfuel assembly loading machine. Viruses were also found on 18 removable drives in use in the facility, such as USB\r\nkeys and external hard drives.\r\nBut the company maintains that there is no risk to the public or staff, as the operating software running on the\r\ninfected system doesn't give it any actual controls over the fuel assembly loader, and the system is cut off from the\r\ninternet – meaning that any viruses infecting the computer can't report back to base or attempt to download any\r\nadditional malware.\r\nThe plant's representatives said all sensitive areas in the facility are isolated from the web to help protect against\r\nany kind of malware manipulation, and that IT staff had terminated the viruses after finding them in a check on\r\nSunday. The company says it's stepping up security after the incident.\r\nAmong the viruses detected were \"W32.Ramnit\" and \"Conficker\" - two worms that target Microsoft Windows\r\nsystems. W32.Ramnit was first discovered on PCs in 2010, and is spread through removable drives, designed to\r\nenable remote attackers to access compromised PCs. Conficker is a more versatile threat that can propagate\r\nhttps://www.sciencealert.com/multiple-computer-viruses-have-been-discovered-in-this-german-nuclear-plant\r\nPage 1 of 2\n\nthrough networks, and is estimated by security software firm Symantec to have infected upwards of 3 million\r\ncomputers.\r\nWhile both these viruses are considered relatively low-risk malware – and the incident at Gundremmingen has\r\nitself been graded as the least dangerous level on the International Nuclear Event Scale – it's nonetheless a\r\ndisturbing occurrence. And it serves as a reminder of how easily even locked-down, critical infrastructure like\r\nnuclear power plants – where security is of the upmost importance – can't seem to keep technological threats out\r\nentirely.\r\nMikko Hypponen, chief research officer for Finland's F-Secure, told Christoph Steitz and Eric Auchard at Reuters\r\nthat these kinds of breaches were surprisingly common, where general malware finds its way into systems in\r\nspecialised environments.\r\nBut Hypponen says the risk is generally low unless critical infrastructure has been specifically targeted, as the\r\nmalware that targets popular systems like Windows and Android hasn't been designed to find its way around\r\nsystems used in nuclear power plants and plane cockpits, for example, so poses little threat.\r\nThat said, the fact that workers are clearly still unintentionally compromising their own systems with malware on\r\nremovable drives is something we need to be aware of. Germany's Federal Office for Information Security warned\r\nof the likelihood of such an event in a report issued just last year, and until staff in places like nuclear power plants\r\ntake these warnings more seriously, more breaches like this will occur.\r\nWe can only hope the next incident is as consequence-free as it was this time around…\r\nSource: https://www.sciencealert.com/multiple-computer-viruses-have-been-discovered-in-this-german-nuclear-plant\r\nhttps://www.sciencealert.com/multiple-computer-viruses-have-been-discovered-in-this-german-nuclear-plant\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://www.sciencealert.com/multiple-computer-viruses-have-been-discovered-in-this-german-nuclear-plant"
	],
	"report_names": [
		"multiple-computer-viruses-have-been-discovered-in-this-german-nuclear-plant"
	],
	"threat_actors": [],
	"ts_created_at": 1775434877,
	"ts_updated_at": 1775791287,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/f911ecbfca5fe3ac27ed86c9729f5ae5d2aa0f29.pdf",
		"text": "https://archive.orkl.eu/f911ecbfca5fe3ac27ed86c9729f5ae5d2aa0f29.txt",
		"img": "https://archive.orkl.eu/f911ecbfca5fe3ac27ed86c9729f5ae5d2aa0f29.jpg"
	}
}