All the latest UK technology news, reviews and analysis

International Atomic Energy Agency hit by unknown malware attack

12 Nov 2013

International Atomic Energy Agency (IAEA) systems have been infected with an unknown data-stealing malware.

IAEA director of public information Serge Gas confirmed to V3 that a number of computers connected to its systems had been infected with malware, but added that no data was affected or compromised.

"During [the] past months some computers operated by the IAEA have been infected by malware. Data from a number of Vienna International Centre visitors' USB drives is believed to have been compromised. The Secretariat does not believe that the USB devices themselves were infected or that they could spread the malware further. No data from the IAEA network has been affected," he said.

He added that the agency has already taken appropriate measures to ensure its systems don't fall victim to a second attack. "All necessary measures are being taken to address the situation. Protecting information is vital to the IAEA's work. The Agency continuously endeavours to achieve the highest possible level of protection of information," he said.

The news follows widespread reports that hackers are increasingly focusing their efforts on critical infrastructure areas, such as power. Security tycoon Eugene Kaspersky revealed earlier this year that the notorious Stuxnet malware had "badly" infected a nuclear power plant in Russia.

Stuxnet is very different to the malware used in the attack on the IAEA. Originally discovered targeting Iranian nuclear plants in 2010, it is unusual as it has a sabotage rather than espionage focus. Security experts have since warned that Stuxnet's atypical nature and behaviour makes it difficult to track, and that it is likely to have infected several more nuclear power plants around the world.

Attacks on critical infrastructure are a growing issue facing governments. The heads of GCHQ, the Security Service (MI5) and Secret Intelligence Service (MI6) argued that they need PRISM-level data-monitoring powers to defend critical infrastructure areas from the cyber threats, during a briefing with the Intelligence and Security Committee (ISC) earlier in November.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?

Popular Threads

Powered by Disqus

Samsung Galaxy S5 video review

We break down the key strengths and weaknesses of Samsung's latest Android flagship

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery


iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Unified Communications Consultant

Unified Communications Consultant - to £68k + excellent...

Test Analyst (Salesforce)

Our client is looking for contract Test Analyst for a...

Internet Bank Support - Galaxy

Our client requires an experienced Internet Bank Support...

3rd Line Technical Support Engineer / Consultant

Our client is looking for a 3rd line technical support...
To send to more than one email address, simply separate each address with a comma.