Hyderabad: A day after Nuclear Power Plant Corporation of India (NPCIL) officials denied ‘cyber-attacks’, the authorities on Wednesday confirmed the presence of malware.
In a press statement issued on October 30th, the NPCIL said, “identification of malware in NPCIL system was correct, but the affected system was not connected to the main plant system”.
The officials further shared that the CERT has conveyed the matter. The organisation falls under the purview of the Department of Atomic Energy (DAE), a wing under the Prime Minister’s office.
Shelley Kasli, co-founder of Great Games India, who reported on the issue, said:
On October 19th, the second nuclear power unit at Kudankulam stopped operating.
Kaspersky, a cybersecurity firm founded by Russian intelligence, was monitoring suspicious activities of spyware dubbed DTrack infiltrating the administrative controls, eventually gaining domain controller level access to Kudankulam Nuclear Power Plant.
He further adds, “The same information was relayed to KNPP officials through cybersecurity expert Pukhraj Singh in early September. Ultimately, the team was able to contain the impact of the cyber strike from causing more damage”.
However, an official statement from a low-level official at KNPP denied the incident, claiming that since the “control systems at India’s power plants are not connected to the Internet, any cyber strike is impossible”.
This is, however, a false assumption. A similar incident occurred at the Iranian nuclear facility at Natanz, targeted by Israeli intelligence through stolen NSA tools now known as Stuxnet.
NPCIL revealed: Computer which was connected to the network used for admin purposes at Kudankulam Nuclear Power Plant was malware infected. Fortunately, it wasn't connected to power plant's main system. Govt must be careful - DRDO, ISRO, Nuclear plants' systems don't get hacked. — Anshul Saxena (@AskAnshul) October 30, 2019
Although the Iranians, with the help of the Russians, were able to contain severe damage, a valuable lesson was learned. The myth of the impenetrable air-gap network was shattered in front of the whole world.
It was these same lessons learnt during the Iranian incident that helped to prevent a catastrophe at KNPP.