Hackers with links to North Korea have hit a critical nuclear power plant in India
India has admitted its newest nuclear power plant has fallen victim to a cyber attack, illustrating how exposed one of the most valuable sectors to the emerging economy is to cyber criminals.
The Kudankulam nuclear power plant was hacked using malware which is designed to extract data which has been linked to Lazarus Group, which is known to have ties to North Korean-backed outfits
Read more: Huge Facebook data leak exposes phone numbers of 419m users
India’s state-owned Nuclear Power Corporation (NPCIL) said malware had been found in the system, but that it was “isolated from the critical internal network”. However, cybersecurity experts have disputed this claim, saying critical information had been compromised.
NPCIL runs 22 commercial nuclear reactors in the country, which can produce up to 6,780MW.
The hack was first identified by Virus Total a virus scanner site owned by Google parent company Alphabet. Virus Total flagged a data dump which was related to the India malware earlier this week.
City A.M. has contacted the Nuclear Power Corporation of India and the National Cyber Security Co-ordinator for comment.
Indian MP Shashi Tharoor said: “With NPCIL confirming the cyber attack on Kudankulam, the National Cyber Security Coordinator (NCSC) and NSA [National Security Agency] must address public concerns about this dangerous intrusion on India’s critical infrastructure”.
“Why has it taken so long for the government to create and fortify India’s cyber capabilities in order to punish, deter and repel such attacks?”
Read more:UK telecoms operators must strengthen cyber security to prevent cyber attacks
Emily Orton, co-founder of cybersecurity giant Darktrace, told City A.M. the attack was a “wake-up call” to the Indian government, but also had ramifications across the globe.
“We assume that our critical infrastructure is bulletproof and that it’s reliable…. The reality is that cyber threats mean those physical systems are now increasingly vulnerable.”
“The reality is today, you’re not going to keep the bad guy off your network. If an attacker really wants to get onto your system, they will find a way. So the new game is stopping the activity from escalating and catching it very early, a bit like your immune system catches a virus at a very early stage before you’re affected by it.”