17 Janvier 2014
Source : Security Affairs
by paganinip on January 10th, 2014
On January 2th one of the eight computers in the control room at Monju Nuclear Power Plant was compromised. An IT administrator has discovered that the system in the reactor control room had been accessed over 30 times in the last five days after an employee updated a free application on one of the machines in the plant.
First information available on the incident confirms that more than 42,000 e-mails and staff training reports were available on the compromised system at the nuclear power plant.
Security experts that investigate on the incident concluded that it is a malware-based attack, a possible vector of the infection could be a software update on the compromised machine, the malicious code has stolen some data sending it to a Command & Control server located in South Korea according the network logs on out-bound traffic.
In November, Japan’s Nuclear Regulation Authority informed the Japan Atomic Energy Agency that anti-terrorism measures adopted at the Monju Nuclear Power Plant were not adequate. According the Regulation Authority, the Japan Atomic Energy Agency is violating security guidelines and is not adopting best practices to ensure protection of nuclear materials from terrorism and other attacks, including cyber offensives.
The recent incident to the Japan Atomic Energy Agency is not an isolated event, in November of 2012 a computer at the JAEA headquarters at Tokaimura was also infected by a malware.
The Japan Atomic Energy Agency has informed that it is still investigating on the attack, it is fundamental to discover the exact infection process and the nature and volume of the data stolen during the network intrusion.
Nuclear power plants are critical infrastructure, their security is one of the main concerns for every government, consider also that protection of critical systems is a shared responsibility. An incident to a nuclear facility could have a significant environmental impact that affects the overall ecosystem of the planet.
Security of critical infrastructure is a shared goal that could be achieved with joint effort of governments, private entities and population itself. Security awareness, adoption of security best practices, implementation of proper security solutions and sharing of information on incidents are fundamental principles to reach a good compromise between security and cost to sustain to ensure protection of infrastructures.
Security is a must!