India Confirms Nuclear Power Station Hack

Indian officials have confirmed that the country's newest nuclear power plant has been hacked, in a worrying compromise of a nation state's critical infrastructure.

The confirmation that the Kudankulam nuclear power plant in India had been hacked came in an admission from the Nuclear Power Corporation of India Limited (NPCIL) on Wednesday.

News of the hack had first surfaced when VirusTotal, a virus scanner site owned by Google parent Alphabet, flagged a data dump related to the India malware.

Power Station Hack

According to the Financial Times, the Kudankulam nuclear power plant was hacked using malware designed for data extraction linked to the Lazarus Group, a North Korean hacking group.

The Lazarus cyber criminal gang is notorious for a host of attacks since 2009 against targets in the US and South Korea, including the high-profile cyber attack on Sony Pictures and the theft of $81 million (£647m) from the Bangladesh Bank’s account at the US Federal Reserve.

The NPCIL said that “the identification of malware in NPCIL system is correct” after it was noticed back in early September.

“The matter was immediately investigated by DAE specialists,” it said. “The investigation revealed that the infected PC belonged to a user who was connected in the Internet connected network used for administration purposes. This is isolated from the critical internal network. The networks are being continuously monitored.”

“Investigation also confirms that the plant systems were not affected,” it concluded.

NPCIL operates 22 commercial nuclear power reactors in India.

Security experts warned that it is essential that power plants’ cyber defences are highly secure.

“Critical national infrastructure is a lucrative target for cyber hackers,” said Stuart Reed, VP Cyber at Nominet. “Not only can an attack disrupt services that have a nation-wide impact but data is often highly sensitive and valuable.”

“The attack on India’s nuclear power plant is particularly worrying given it should have had the newest and most secure network,” said Reed. “It is fundamental that those responsible for the provision of critical infrastructure are taking the necessary steps to defend themselves from attackers.”

“They need a layered approach to cybersecurity, all the way down to a network level,” he added. “By tapping into the ubiquitous DNS layer for network detection and response, for example, security teams can use their existing infrastructure to identify malicious traffic entering and leaving their network early, allowing them to quickly take steps to mitigate the impact of an attack before damage is done.”

Nuclear hacks

This is not the first time that nuclear power plants have been attacked.

In July 2017, the US Department of Energy (DOE) acknowledged a campaign of attacks that targeted a number of energy companies, including at least one nuclear plant.

In 2016 a German nuclear power plant in Bavaria admitted that its systems were riddled with malware, and it was shut down as a precaution.

In 2015 a hacker managed to break into the systems of a nuclear power plant in South Korea. A computer worm was later discovered in a device connected to the control system, but the plant operator insisted that the breach had not reached the reactor controls themselves.

The hacker later posted files from the hack online, and included a demand for money.

The Stuxnet virus, meanwhile, is known to have caused damage to nearly 3,000 centrifuges in the Natanz facility in Iran.

A German steelworks also suffered “massive damage” after a cyber attack on its computer network in late 2014.

In April this year Kaspersky Lab warned about the scale of cyber attacks against Industrial Control System (ICS) computers around the world.


Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
