Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Computer virus hits nuclear power site: Machines at Sizewell B plant play 'Yankee Doodle'

Susan Watts,Technology Correspondent
Wednesday 10 November 1993 19:02 EST
Comments

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

COMPUTERS at the site of the Sizewell B nuclear power station have been infected with a virus that plays 'Yankee Doodle' on affected machines.

The security breach took place in July, when 'one or two' personal computers in temporary construction offices at Sizewell became infected. An engineer who was working under contract at the Suffolk site has been sacked for bringing in code without running it through an anti-virus checker. This would have spotted the 'Yankee' virus involved.

Such checks have been standard for more than a year for all software entering the Nuclear Electric sites. A spokesman said yesterday: 'We wouldn't want to infect the networks linking the sites of a company the size of Nuclear Electric . . . that could cause absolute chaos.'

He said the company was concerned that its security procedures had been violated, but that there was 'absolutely no association' between the stand-alone word processing systems which became infected and the primary protection system for the plant.

The Government's nuclear safety watchdog, the Nuclear Installations Inspectorate, is examining the integrity of all Sizewell's computer systems.

It has sought assurances from Nuclear Electric, which runs the site, that viruses could not infect the computerised protection system designed to shut down the plant in an emergency. Sizewell B, due to open next year, is the first nuclear power plant to rely so heavily on computerised shut-down.

The spokesman for Nuclear Electric said yesterday it would be 'impossible' to put a virus on to the protection software, since this is written in a form that effectively locks it away from outside interference. During maintenance, certain parameters on the software can be checked, but its basic code cannot be altered.

However, the Health and Safety Executive has said that the possibility that unauthorised code could be introduced into the primary protection system's software is 'a legitimate question and one which we have pursued as part of our technical assessment of the safety case'.

A report in today's issue of Computer Weekly says the incident in July came to light after a prominent local campaigner against Sizewell received an anonymous telephone call. He wrote to the Health and Safety Executive, which said it was aware of the intrusion.

The executive replied that it was 'highly unlikely that any unauthor ised code would remain undetected' if introduced into the plant's primary protection system, perhaps as the software was being written or during its subsequent use. 'We have yet to complete our assessment of the safeguards provided against such events, but we expect to reach a satisfied conclusion,' the letter states.

Richard Ford, editor of Virus Bulletin, said systems other than those running on personal computers would be very difficult to infect. 'One would hope that they wouldn't be running anything mission-critical on a personal computer. This is not going to do anything for public perception of security at Sizewell, but then you might expect less security on, say, a typing pool computer than on a system controlling the position of fuel rods.'

He said the intrusion was cause for concern, but said 'Yankee' was a simple, parasitic virus that was not particularly serious. However, virus software is usually very badly written, so its effect in a computer system is hard to predict. The 'Yankee' virus could corrupt files and cause a system to crash.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in