The Corporation of Nuclear Energy of India (NPCIL, for its acronym in English) has confirmed this Wednesday that the largest and most modern nuclear plant in the country, Kudankulam, was attacked with malicious software. The virus employed has been found previously in cyber attacks linked to groups in North Korea.
The Corporation ensures that the internal network is safe after having been isolated. However, cybersecurity experts contradict the official version and believe that reached key information. “The identification of a malicious virus in NPCIL is true”, confirmed the deputy director of the agency, A. K. Nema, before saying that the infected computer was a user connected to the internet network used for administrative purposes”. “The systems of the plant have not been affected,” and the circuits are being “monitored continuously”, he added. The Emergency Team Cyber had knowledge of the attack last September 4, and “the problem was investigated immediately” by specialists from the Department of Atomic Energy, has secured Nema.
The cyber attack, made public last Monday, when the web VirusTotal released a sending data that seemed to point to a flaw in the system of the plant, located in Tamil Nadu, in the south of the country. The data indicated the presence of a dtrack, a program malignant. On Tuesday, the leaders of the nuclear plant, issued a denial while the experts commented on Twitter the security gap.
“The attackers were able to view sensitive information in the system”, explains the expert in cybersecurity Pukhraj Singh, who has published on Twitter the text that gave the voice of alarm to the indian authorities already in September. “This should have been a wake up call for India. And that is an understatement,” said Singh, who worked for the National Organization for Technical Research (NTRE), the equivalent indian the National Security Agency of the united States. The expert described the incident of “casus belli in cyberspace indian”.
The dtrack was used in an attack of 2016 in which stolen financial information from millions of indians, the experts point out. The company’s cybersecurity Kaspersky has assured that the virus saves “similarities with the campaign, DarkSeoul”, a program of surveillance to banks and media in south korea attributed to the famous Group Lazarus, connected with groups ciberterroristas of North Korea.
According to a United Nations report published last August, the group cyber North Korea (many of which operate under direct control of the Government) have been extended thanks to its “increasing sophistication” and have contributed to Pyongyang about 2,000 million dollars (about 1,800 million euros) that has been used in its program of weapons of mass destruction.
The nuclear sector is one of the most important in India. The NPCIL operates 22 reactors at seven locations in the country.
The prime minister, Narendra Modi, wants to bring the Internet to the vast population of the country in the framework of the program India digital, criticized for the absence of laws, cyber security and legal framework updated. This month, Delhi announced tenders for private companies to prepare the largest network of facial recognition in the world, that will join the biometric system national in the that are already registered more than a billion citizens, despite the continuous leaks of private data of its users.
