Cyber Attack On A Nuclear Power Plant

An Indian nuclear power plant suffered a cyberattack. The Nuclear Power Corporation of India Limited (NPCIL) has issued a statement admitting that the claims of a malware attack on the Kudankulam Nuclear Power Plant (KKNPP), located in Tamil Nadu, are true.

The KKNPP is the biggest nuclear power plant in India, equipped with two Russian-designed and supplied VVER pressurised water reactors with a capacity of 1,000 megawatts each. Both reactor units feed India's southern power grid. The plant is adding four more reactor units of the same capacity, making the Kudankulam Nuclear Power Plant one of the largest collaborations between India and Russia.

An NPCIL spokesman said, "Identification of malware in NPCIL system is correct. The matter was conveyed by CERT-In when it was noticed by them on September 4, 2019. ... The matter was immediately investigated by DAE specialists. The investigation revealed that the infected PC belonged to a user who was connected in the Internet-connected network used for administrative purposes. This is isolated from the critical internal network. The networks are being continuously monitored."

Additionally, he confirmed that the plant systems are not affected.

The admission from the governing body comes a day after the training superintendent and information officer at KKNPP issued a statement that categorically denied any instance of cyber-attacks on India's largest nuclear power plant.

The statement said, "This is to clarify Kudankulam Nuclear Power Project (KKNPP) and other Indian Nuclear Power Plants' control systems are standalone and not connected to outside cyber network and Internet. ... Any cyber-attack on the Nuclear Power Plant Control System is not possible. Presently, KKNPP's Unit-1 and 2 are operating at 1000 MWe and 600 MWe respectively, without any operational or safety concerns."

The cyber attack on the KKNPP network was initially reported by cyber security researcher Pukhraj Singh, who was notified about the attack by an undisclosed independent party. 

Subsequently, the attack was reported to India's national cyber security coordinator, General Rajesh Pant, on September 3. The matter was acknowledged by the governing body a day later, which has now been confirmed via NPCIL's statement. Interestingly, the indicators of compromise in the attack were then found to be those of the Dtrack malware, which has been picking up pace in India, affecting enterprise networks and ATMs.

Believed to be produced by the Lazarus APT (advanced persistent threat) group, Dtrack is said to be specifically targeting India across various industries, with the KKNPP attack possibly the most critical so far. 

NPCIL has admitted that the malware attacked a system connected to the administrative network, leaving open the possibility that the malware gained unauthorised admin privileges and subsequently scraped sensitive information from the networks concerned. Konstantin Zykov, senior security researcher at Kaspersky and the man behind the discovery of the Dtrack attacks in India, said that Kaspersky could not independently verify whether the nuclear plant was on Dtrack's target list.

Zykov stated to News18, "In our research, there were no confirmations of any cyber incident involving any nuclear power plant in India. We are not able to comment further on this matter as we have already published all our findings about Dtrack on Securelist."

News18: GulfNews
