Malware in computer at Kudankulam plant, admits Nuclear Power Corporation of India.
The Nuclear Power Corporation of India (NPCIL) on Wednesday confirmed that one of the computers of the Kudankulam Nuclear Power Project (KKNPP), located in the southern state of Tamil Nadu, was hit by a malware attack in September. The acknowledgment comes a day after the plant authorities denied social media posts and some media reports of a cyberattack on its systems.
In an official press release on Wednesday, NPCIL Associate Director A. K. Nema revealed that the infected PC belonged to a user who was connected to the company’s network for administrative purposes and that the affected computer wasn’t connected to the main plant’s operations.
CERT-In, which is India’s National Computer Emergency Response Team noticed the malware on September 4, 2019. The matter was then immediately investigated by India’s Department of Atomic Energy (DAE).
“Identification of malware in the NPCIL system is correct. The matter was conveyed by CERT-In when it was noticed by them on September 4, 2019,” the NPCIL statement reads.
“The matter was immediately investigated by DAE specialists. The investigation revealed that the infected PC belonged to a user who was connected to the Internet-connected network. This is isolated from the critical internal network. The networks are being continuously monitored. The investigation also confirms that the plant systems are not affected.”
Pukhraj Singh, an independent Indian security researcher, who was the first to spot the threat of a potential cyberattack on Indian cyberspace alerted the authorities about the cybersecurity breach.
According to Singh, the attack was not a trivial matter and he did not want to create panic. “A domain controller, which authenticates and authorises resources in a centralised manner, generally sits on the administrative IT network. The Operational Technology network is generally air-gapped, as it’s most critical. I was merely pointing out that the administrative IT network seems to be compromised. It doesn’t necessarily imply the reactor’s control systems were impacted.”
Following the confirmation by the NPCIL, DMK leader MK Stalin raised concerns over the lack of adequate safety measures at nuclear facilities.
Following the NPCIL’s confirmation of a breach, DMK president M.K. Stalin on Wednesday raised concerns over the lack of sufficient safety measures at nuclear facilities and demanded a detailed inquiry into the lapses.
“The cyberattack on NPCIL facilities is shocking and reveals the lack of adequate safety measures. The Union Government must conduct a thorough enquiry into the lapses. The National Cyber Security Coordinator owes an explanation on the preparedness of such facilities,” he tweeted.
Poovulagin Nanbargal, an environmental activist group, too reacted to the cyber attack and demanded that the Tamil Nadu government scrap the permissions given for further reactor expansion at the KKNPP facility.
”The acceptance of cyber attack in NPCIL systems by NPCIL only confirms the worst fears that nuclear reactors are not only prone to natural disasters but also to cyber attacks. The callous manner in which NPCIL dealt with this issue even furthers the fears. We want the state and central government to investigate this cyber attack and bring the culprits to task. We want the state government to scrap the permissions given for further expansion of reactors as any disaster is responsibility of the state government,” it urged.