Indian nuclear power plant detects cyber attack
01 November 2019
The state-run Nuclear Power Corp of India Ltd (NPCIL) confirmed on October 30 that it had suffered a cyber attack. The hack occurred at the Kudankulam plant, the country’s newest nuclear power plant, in the state of Tamil Nadu in the south of the country.
Kudankulam Nuclear Power Plant - Image: Wikimedia / indiawaterportal.org
Cyber experts had warned NPCIL that its systems had been compromised as early as September 4, however the utility has rejected these reports and said the malware was isolated from its critical networks and did not impact its systems.
In a statement, NPCIL said that it had detected malware designed for data extraction on one computer in early September. “The investigation revealed that the infected PC belonged to a user who was connected in the internet network used for administrative purposes. This is isolated from the critical internal network,” the statement said. “The networks are being continuously monitored. Investigation also confirms that the plant systems are not affected.”
The malware, known as DTrack, has been used previously by the Lazarus Group, a hacking group with links to North Korea. The malware was used to steal financial data of millions of Indians as well as against Hitachi Payments Services, a private operator of ATMs across the country.
NPCIL designs, constructs and runs power reactors across India, currently operating 22 commercial nuclear power reactors.