The Kudankulam nuclear power plant in India has been hacked using malware designed to extract data. The malware has been linked to Lazarus Group, which is known to have ties to North Korean-backed outfits.
India’s state-owned Nuclear Power Corporation (NPCIL) said malware had been found in the system, but that it was “isolated from the critical internal network”.
However, cybersecurity experts have disputed this claim, saying critical information had been compromised.
NPCIL runs 22 commercial nuclear reactors in the country, which can produce up to 6,780MW.
The hack was first identified by VirusTotal, a virus scanner site owned by Google parent company Alphabet. VirusTotal flagged a data dump related to the India malware earlier this week.
City A.M. has contacted the Nuclear Power Corporation of India and the National Cyber Security Coordinator for comment.
“With NPCIL confirming the cyber-attack on Kudankulam, the National Cyber Security Coordinator (NCSC) and NSA [National Security Agency] must address public concerns about this dangerous intrusion on India’s critical infrastructure,” Indian MP Shashi Tharoor said.
“Why has it taken so long for the government to create and fortify India’s cyber capabilities in order to punish, deter and repel such attacks?”
Emily Orton, co-founder of cybersecurity giant Darktrace, told City A.M. the attack was a “wake-up call” to the Indian government, but also had ramifications across the globe.
“We assume that our critical infrastructure is bulletproof and that it’s reliable…. The reality is that cyber threats mean those physical systems are now increasingly vulnerable.”
“The reality is today, you’re not going to keep the bad guy off your network. If an attacker really wants to get onto your system, they will find a way. So the new game is stopping the activity from escalating and catching it very early, a bit like your immune system catches a virus at a very early stage before you’re affected by it.”