Union Minister of State Jitendra Singh informed the Rajya Sabha on Thursday that a malware infection was identified at the Kudankulam nuclear power plant in Tamil Nadu but was restricted to its administrative building.
Dr. Singh, who also holds charge of the Ministry of Atomic Energy, while responding to a question by AIADMK member A.K Selvaraj on whether there was a cyber attack on the Kundankulam plant, informed the Upper House that “there was an identification of a malware infection on Kudankulam Nuclear Power Plant (KKNPP) administrative network, which is used for day-to-day administrative activities.”
He added that the “plant control and instrumentation system is not connected to any external network such as intranet, internet and administrative system and thus was not affected.”
Dr. Singh said following the incident it has been decided to conduct a quarterly cyber security audit of all the plants.
“Cyber security audit has been carried out by the Computer & Information Security Advisory Group (CISAG) of Department of Atomic Energy (DAE) along with the national agency, Indian Computer Emergency Response Team (CERT-In). It concluded that the malware infection was limited to the administrative network of KKNPP. In respect of further strengthening of Information Security in administrative networks, various measures have been taken viz. hardening of internet and administrative intranet connectivity, restriction on removable media, blocking of websites & IPs which have been identified with malicious activity etc.,” he added.
The cyber attack was reported on October 29. The incident was initially denied by the KKNPP administration.