Our first news item is about a virus that hit the nuclear plant in Gundremmingen, Germany. Rob Ziere, teachet at the Security Academy talks about the incident and has a strong view on the subject.
Get social, subscribe to our various social media channels and share your thoughts about this topics.
When you rather read..
Hi! You are watching the Security Academy news channel. My name is Rob Ziere and I work for the Security Academy as a teacher and courseware developer.
Today I’d like to discuss with you the recent news about the German nuclear power plant in the Bavarian village of Gundremmingen. As a strange twist of fate, exactly on the day of the 30th anniversary of the Chernobyl disaster, this plant has been the victim of a computer virus and was shut down as a precaution.
A statement released by the power plant said that malware hit the IT network that controls the fuel handling system at block B of the reactor. The malware is well known to IT specialists and it attempts to create a connection to the internet without the user of the computer choosing to do so, the statement added. It was believed the virus may have come from an employee’s USB stick.
To most security professionals all this brings back memories to the famous Stuxnet virus that was found in an Iranean nuclear plant in june 2010. But the management of the German reactor insisted that the virus posed no danger to the public as all the computers which are responsible for controlling the plant are disconnected from one another and not connected to the internet.
Looking at all this from a security perspective, what should we think of all this?
Personally, thinking of everything the security community has learned over the past decades about threats and related mitigating measures, I find it pretty scary that these incidents apparently still can happen.
We think all of this is simply not acceptable and justifies severe security measures.
Now we all know that the heavier the security measures get, the more expensive they become. So, one might raise the question about the business case. And yes, this is somewhat cynical when it comes to human lives or human heath, but we are speaking here about power plants that are both run by states and by private companies. Both parties have their own reasons not to spend too much money. So, we are interested to learn what you think about this. Should the management of these power plants think in terms of a business case at all, when it comes to the security surrounding their facilities? Or should they simply go for the best of the best in security measures? Is there an optimum here, and if so, where is it?
Please let us know – we’re curious to hear from you.
That’s it for now – thanks for watching and have a nice day!