Malware found in the control room of a Japanese nuclear reactor

Why does this sound like the beginning of a Godzilla movie?
Written by David Gewirtz, Senior Contributing Editor

It's been a quiet day in Tsuruga, Fukui Prefecture, a large port city on the western coast of central Japan. Like PC users the world over, you've been playing whack-a-mole with update notifications.

This time, it's a piece of free software that you're barely aware of on your computer. Up pops an update notice while you're eating a yummy piece of chocolaty Lotte Ghana left over from the holidays. While you're chewing, you click your mouse, approving the update.

And then you forget all about it as you go on with your normal day's work.

Somewhere, though, in South Korea, you've just made someone's day. You've opened up a back door between a cybercriminal's lair and your computer -- which just happens to be one of eight computers in the Monju fast-breeder nuclear reactor's control room.


If a flood of bits made noise, you'd start hearing a giant sucking sound coming from the back of your computer, as your new best friend in South Korea (or at least, routing through South Korea) accesses your machine more than 30 times in the space of five days, and gobbles down more than 42,000 email documents and an entire treasure trove of training documents.

Now the good news. Your reactor hasn't been allowed to fire up since 1995, when the reactor shut down after a serious sodium leak and fire. The local community has fought against a restart for more than a decade, which probably was a good thing given that, in 2013, it was discovered that the Japan Atomic Energy Agency didn't, uh, bother inspecting 2,300(!) pieces of equipment.

Japan’s Nuclear Regulation Authority was so unthrilled with the safety processes being carried out by the Japan Atomic Energy Agency at Monju that in November, they simply banned the reactor from ever starting up. And that was before the malware infection.

So let me be clear here. The whole reactor-infected-by-malware thing isn't that bad, simply because other safety procedures at the reactor were so much more bad that the reactor isn't allowed to run. Ever.

As it turns out, Japan's Nuclear Regulation Authority was already starting to lose patience with the Japan Atomic Energy Agency because ... wait for it ... three headquarters administrative computers were infected after users opened infected email attachments.

We don't exactly know who was sucking down the Monju control room documents, but they're probably up to no good. With 42,000 email messages and a pile of training documents now in the hands of troublemakers, there are bound to be a few leads into other critical infrastructure systems now in the hands of the bad guys.

Add to that the documents grabbed from the Japan Atomic Energy Agency HQ and you can be sure that there will be more bad days in Japan's atomic future.

All this is to say that America's government isn't the only one with agencies slacking off, being stupid, and making serious cybermistakes.

Just a little bit of happy news to start the year right and keep you up at night.
