Infected PC leaks nuclear secrets

Sensitive information about nuclear power plants has been leaked over the internet from a virus-infected computer.

According to the Japanese press, approximately 40Mbytes' worth of confidential reports related to nuclear power plant inspections over several years was leaked from a virus-infected computer belonging to an employee of Mitsubishi Electric Plant Engineering.

Download this free guide

From forensic cyber to encryption: InfoSec17

Security technologist Bruce Schneier’s insights and warnings around the regulation of IoT security and forensic cyber psychologist Mary Aiken’s comments around the tensions between encryption and state security were the top highlights of the keynote presentations at Infosecurity Europe 2017 in London.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

The data is said to have been distributed to users of the Winny peer-to-peer file-sharing system. Winny is one of the most popular file-sharing networks in Japan, with over 250,000 users.

According to officials, the leak occurred when a 30-year-old engineer used his home PC for company business. The PC was infected with an unnamed computer virus which is said to have enabled Winny users across Japan to access the sensitive information.

The leaked data included photographs of the insides of nuclear power plants and the names and addresses of inspecting engineers.

“The fall-out from this breach acts as an unpleasant reminder that all businesses need to take computer security seriously. If you allow your employees to put sensitive company data onto their own home computers, you are running the risk that they will not be as well defended as the PCs within your organisation,” said Graham Cluley, senior technology consultant at security software company Sophos.

“Security at power plants should be at an all-time high, but it needs to extend beyond the physicality of barbed wire and high walls and encompass information security too,” he added.

Sites referred to in the leaked data include Kansai’s Mihama nuclear plant and a power station in Tsuruga, as well as pressurised water reactors in Tomari and Sendai.