India’s Most Powerful Nuclear Power Station Infected With Malware From North Korea; How Bad Is It??

After so much speculation, denial and confusion on Wednesday, the Nuclear Power Corporation of India (NPCIL)  confirmed the presence of malware in one of the computers. 

A news of government regulating the internet in India is also circulating a lot.

How Did This Happen?

However, on 29 October, the Kudankulam Nuclear Power Project (KKNPP) in Tamil Nadu has denied any hacking traces in one of its control systems.

Just after one day, they have accepted that there is a presence of malware in one of their systems.

Although, the nuclear corporation said that the “systems are not affected” by the cyberattack.

While talking about the same issue, the corporation said, “The identification of malware in NPCIL system is correct. The matter was conveyed by CERT-In when it was noticed by them on September 4, 2019.”

They Added “The matter was immediately investigated by DAE (Department of Atomic Energy) specialists. The investigation revealed that the infected PCs belonged to a user who was connected to the internet-connected network used for administrative purposes. This is isolated from the critical internal network,”.

While assuring further they said “networks are being continuously monitored,”.

How Did They Discover This Issue?

According to the reports, a third-party multinational IT company had discovered this attack at the start of September and also alerted the National Cyber Security Council (NCSC).

In response to this, the NCSC set up a cyber audit team that visited the site in mid-September, according to the source. 

During the first week of October, they met KKNPP officials and submitted an advisory with recommendations. 

It is confirmed by the source that a “breach” had happened and also the cleaning of the foreign intrusion was going on.

How Does This Malware Affect The System?

The source said that “Some sort of vulnerability has been discovered,”.

 “In terms of the breach, there are layers. It definitely did not impact the main operations. It affected computers that are used for administrative purposes only,” said the source.

KKNPP had said: “This is to clarify Kudankulam Nuclear Power Project (KKNPP) and other Indian Nuclear Power Plants Control Systems are stand-alone and not connected to outside cyber network and Internet. Any cyberattack on the Nuclear Power Plant Control System is not possible,” During a press release on Tuesday.

The two units of the plant are currently operating “without any operational or safety concerns,” said  P Ramadoss, the Training Superintendent and Information Officer. (reference)

Shashi Tharoor, the Congress MP had asked for an explanation from the government on Twitter. 

He said “This seems very serious. If a hostile power is able to conduct a cyber attack on our nuclear facilities, the implications for India’s national security are unimaginable. The Government owes us an explanation.”