Danger USB! Malware infects UN Nuclear Agency computers

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

IAEAAn internal investigation has discovered that some of the computers at the International Atomic Energy Agency (IAEA) headquarters in Vienna have been infected for months with data-stealing malware.

However, the organisation – which reports to both the UN General Assembly and Security Council – says it believes that its network was not compromised.

Reuters, which first reported on the security incident after seeing a confidential note sent to member states, quoted agency spokesman Serge Gas, who confirmed some details:

Data from a number of Vienna International Centre (VIC) visitors’ USB drives (data memory sticks) is believed to have been compromised. The (IAEA) secretariat does not believe that the USB devices themselves were infected or that they could spread the malware further. No data from the IAEA network has been affected

Sign up to our free newsletter.
Security news, advice, and tips.

As Kevin Townsend at InfoSecurity Magazine reports, there’s something a bit odd here.

Normally, USB-aware malware has no qualms about infecting USB devices as they are inserted into infected PCs. But on this occasion, it appears that the malware was designed to harvest information from USB sticks as they were plugged into compromised computers.

In short, the intention wasn’t to spread – but to gather information.

This theory is given more credence by the acknowlegdement that the infected computers were located in the Vienna International Centre, a common area of the IAEA headquarters were staff and state officials work and meet.

Vienna International Centre. Creative Commons

Users of these shared computers might be very careful not to copy sensitive files from their USB sticks onto the PCs. But what if malware on those computers were secretly and silently harvesting any contents of plugged-in USB sticks anyway?

My hunch is that this was an attack, targeted against people who used the computers in the common area of the UN’s nuclear agency, with the intention of grabbing sensitive and confidential information.

The big questions that remain unanswered are this – who was behind the attack, and what happened to the sensitive data that the malware scooped up?


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Danger USB! Malware infects UN Nuclear Agency computers”

  1. Martin Hepworth

    Iran getting its own back for the Stuxnet infection ???

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.