The Nuclear Power Corporation of India Ltd. (NPCIL) on Wednesday confirmed that a malware had indeed infected its system at the Kudankulam Nuclear Power Plant (KKNPP), a day after KKNPP officials had categorically asserted that the systems at the plant could not be accessed by anyone outside the network as they were all isolated.
“Identification of malware in NPCIL system is correct,” A.K. Nema, Associate Director and Appellate Authority, NPCIL, said in a statement. “The matter was conveyed by CERT-In [Indian Computer Emergency Response Team] when it was noticed by them on September 4, 2019. The matter was immediately investigated by DAE specialists,” he added.
The investigation had revealed that the infected computer belonged to a user who was connected “in the Internet connected network used for administrative purposes,” Mr. Nema said. Stating that the system was isolated from the critical internal network, he added that the networks were being “continuously monitored”.
“Investigation also confirms that the plant systems are not affected,” he asserted.
The cyberintrusion came to light on Monday after the website VirusTotal uploaded a data dump that seemed to point to a data breach in the KKNPP system. The dump pointed to a ‘dtrack’ malware, which can be used as a remote administrator tool, having infected systems at the KKNPP.
On Tuesday, the KKNPP administration issued a statement denying the claims after cybersecurity experts highlighted the issue on Twitter.
Pukhraj Singh, an independent cybersecurity expert, had initially flagged the breach and said he had notified Lt. Gen. Rajesh Pant (National Cyber Security Coordinator) on September 4, a day after he had noticed the breach. He had also termed the intrusion as a “a casus belli [a provocation for war] in the Indian cyberspace” in a tweet.
‘Thorough inquiry’
Following the NPCIL’s confirmation of a breach, DMK president M.K. Stalin on Wednesday demanded a thorough inquiry into the lapses. “The cyberattack on NPCIL facilities is shocking and reveals the lack of adequate safety measures. The Union Government must conduct a thorough enquiry into the lapses. The National Cyber Security Coordinator owes an explanation on the preparedness of such facilities,” he tweeted.
Environmental activist group Poovulagin Nanbargal demanded that the Tamil Nadu government scrap the permissions given for further reactor expansion at the KKNPP facility as any disaster would be the responsibility of the State government. “The acceptance of cyberattack in NPCIL systems by NPCIL only confirms the worst fears that nuclear reactors are not only prone to natural disasters but also to cyberattacks,” the group said in a statement. “The callous manner in which NPCIL dealt with this issue even furthers the fears. We want the State and central government to investigate this cyberattack and bring the culprits to task,” it urged.
