|
| Confidential information about power plants has
been released onto the internet. |
Experts at SophosLabs™, Sophos's global
network of virus and spam analysis centers, have reminded internet
users of the importance of computer security after media reports
revealed that sensitive information about nuclear power plants has
been leaked onto the internet from a virus-infected computer.
According to the Japanese press, approximately 40MB of
confidential reports, related to nuclear power plant inspections
over several years, was leaked from a virus-infected computer
belonging to an employee of the Mitsubishi Electric Plant
Engineering (MPE). The data is said to have been distributed to
users of the Winny peer-to-peer file-sharing system. Winny is the
most popular file-sharing network in Japan, with over a quarter of
a million users.
According to officials, the leak occurred when a 30-year-old
engineer used his personal computer for company business. The PC
was infected with an unnamed computer virus which is said to have
enabled Winny users across Japan to access the sensitive
information. The exposed data included photographs of the insides
of the nuclear power plants, and the names and addresses of
inspecting engineers.
"It's bad enough when an individual has data stolen from them by
a malware attack, but a nuclear power station being the victim is a
real cause for concern," said Graham Cluley, senior
technology consultant at Sophos. "The fall-out from this breach
acts as an unpleasant reminder that all businesses need to take
computer security seriously."
Authorities have been quick to reassure the public that it does
not believe that the information leaked was directly related to
radioactive substances.
Sites referred to in the leaked data include Kansai Electric
Power's Mihama nuclear plant and a power station in Tsuruga, as
well as pressurised water reactors in Tomari and Sendai.
"If you allow your employees to put sensitive company data onto
their own home computers, you are running the risk that they will
not be as well defended as the PCs within your organization,"
continued Cluley. "Security at power plants should be at an
all-time high, but it needs to extend beyond the physicality of
barbed wire and high walls and encompass information security
too."
Sophos recommends companies protect their email gateways,
desktops and servers with an automatically updated consolidated solution to defend against the
threats of viruses and spam.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.