[ISN] Virus puts N-plant data on Net

From: InfoSec News (isn@private)
Date: Thu Jun 23 2005 - 22:22:34 PDT


http://www.yomiuri.co.jp/newse/20050624wo2a.htm

The Yomiuri Shimbun 
June 24, 2005

Maintenance data on nuclear power plants were leaked and shown on the
Internet after a computer virus attacked a personal computer of an
employee of Mitsubishi Electric Corp.'s subsidiary in charge of plant
inspections and maintenance, it was learned Thursday.

Data equivalent to 31 floppy disks, including a draft report of power
plant inspections, a repair manual, name lists of inspection workers
and photographs of the inside of the plants, were leaked from the
employee's privately owned PC.

The plants included Tomari Nuclear Power Station of Hokkaido Electric
Power Co., Sendai Nuclear Power Station of Kyushu Electric Power Co.  
and Mihama Nuclear Power Plant of Kansai Electric Power Co.

As much of the information was confidential, the problem is expected
to stir controversy over the security of information on nuclear power
plants and other related facilities, nuclear experts said.

Maintenance work on the plants was consigned by Mitsubishi Electric to
its subsidiary, Mitsubishi Electric Plant Engineering Corp. based in
Taito Ward, Tokyo. The company said the data leakage likely was caused
by a computer virus that affected the laptop PC of an employee who was
in charge of maintenance.

The virus appears to be of a variety that infects Winny file-swapping
software and reveals data through the software.

Winny is free software available on the Internet with which users can
share and swap documents, graphics, audio and other computer files
stored on individual PCs via the Internet.

Officials of the subsidiary said its employees were allowed to use
privately owned PCs for work if they received permission from their
superiors. They added that data-coding and other measures to prevent
information leakage were not used on employees' private PCs.

The Nuclear and Industrial Safety Agency has demanded the power
companies submit a detailed report about the incident as soon as
possible.

Kazuo Matsunaga, director general of the agency, said, "Right now it
hasn't been confirmed that information about nuclear material that is
immediately legally problematic was leaked."

The agency believes that there was no leakage of sensitive information
that would constitute a violation of the Nuclear Reactor Regulation
Law.

Mitsubishi Electric said the leaked data included a draft report about
checks on Tomari plant's No. 2 reactor and work manuals for repair
work on Sendai plant's No. 1 reactor.

The data also included a copy of an e-mail written by the employee to
parent company officials that said he had discovered an abnormality in
a part of a generator, but had not reported it to the power company.

Mitsubishi Electric said it was investigating whether this apparent
failure to report the incident to the company was true.

A Mitsubishi Electric official said: "All the data were about power
generators. They contained no information directly related to nuclear
reactors."

"We'll urgently confirm all details of the incident and totally
reexamine information control systems," the official added.

However, it is possible that highly secret information directly
related to the safety of nuclear reactors could be leaked from private
PCs belonging to employees.

Information technology experts said the incident again confirmed lax
information management in companies and government offices, and
experts believe the problem likely will make the government and
companies question whether their systems to control confidential and
personal information are sufficient.

There have been numerous incidences of information being leaked
through Winny file-sharing. In addition, there are various methods to
illegally obtain personal and confidential information via the
Internet, such as hacking and phishing.

Last year in Hokkaido, information on police investigations was leaked
from a police officer's own PC.

In March, names, health check results and other personal information
on about 50 patients who had checkups at Tokyo Medical and Dental
University Hospital in Bunkyo Ward, Tokyo, were found to have been
leaked.

Copyright 2005 The Yomiuri Shimbun



_________________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 23-28 - 
2,000+ international security experts, 
10 tracks, no vendor pitches.
www.blackhat.com 



This archive was generated by hypermail 2.1.3 : Thu Jun 23 2005 - 22:31:28 PDT