Tuesday, April 26, 2016 - 23:09

Karma is a biatch and it really favors the BSI

A couple of days ago Arne Schönbohm (BSI) made a remarkably careless remark in an interview with German newspaper Welt. According to him the idea that hackers gain access to nuclear power plants and cause a MCA is nonsense. Karma does not favor the careless ...

The very next day FAZ reported that the German NPP Grundremmingen in Bavaria had identified malware in a system that's apparently responsible to transport old fuel elements from the core to a storage facility. The malware was identified as conficker and ramnit. Two rather old bulk worms. I would guess that someone in the plant got them on the system with an infected media. It's certainly not an attack and unlikely even a relevant threat. But if someone carelessly plugged in a USB stick (or whatever) it could have been a host for pretty much anything else as well.

Back to the original statement. Is it really nonsense? NPPs are quite complex systems with loads of active components. I'm fairly certain most operators would rule it out. I'm even more certain they missed something.