A few weeks back, the company that operates South Korea’s nuclear plants suffered a major security breach, in which personnel records and reactor designs were obtained from its computer systems and posted online. At the time, the company said that the breach didn’t affect any of the hardware that controls its nuclear plants, which are not accessible from the Internet. The breach, however, appears to have motivated Korea Hydro and Nuclear Power to audit its control systems, at which point it found a computer worm had infested those systems.
Reuters is reporting that company security experts found the worm in “devices connected to some nuclear plant control systems.” The experts suspect that the worm is completely unrelated to the attacks on its outward-facing systems, which the company CEO said are continuing. Instead, authorities have identified unauthorized use of USB devices as its most likely route of infection; the worm has since been removed.
The company says it is responding to the attacks by adding security experts to its staff.
Read on Ars Technica | Comments