A day after the Kudankulam Nuclear Power Project (KKNPP) in Tamil Nadu denied any hacking of its control system, the Nuclear Power Corporation of India (NPCIL) on Wednesday confirmed the presence of malware in one of the computers. The nuclear corporation, however, added that the “systems are not affected” by the cyberattack.
Issuing a statement in this regard, the corporation said, “The identification of malware in NPCIL system is correct. The matter was conveyed by CERT-In when it was noticed by them on September 4, 2019.”
“The matter was immediately investigated by DAE (Department of Atomic Energy) specialists. The investigation revealed that the infected PC belonged to a user who was connected in the internet connected network used for administrative purposes. This is isolated from the critical internal network,” the corporation added.
The NPCIL also said that the “networks are being continuously monitored”.
A third-party multinational IT company had discovered the attack in early September and alerted the National Cyber Security Council (NCSC).
A source said the NCSC set up a cyber audit team that visited the site in mid-September. They met KKNPP officials in the first week of October and submitted an advisory with recommendations. The source confirmed that a “breach” had happened and that cleaning of the foreign intrusion was going on.
“Some sort of vulnerability has been discovered,” said the source. “In terms of the breach, there are layers. It definitely did not impact the main operations. It affected computers that are used for administrative purposes only.”
In a press release on Tuesday, KKNPP had said: “This is to clarify Kudankulam Nuclear Power Project (KKNPP) and other Indian Nuclear Power Plants Control Systems are stand alone and not connected to outside cyber network and Internet. Any cyberattack on the Nuclear Power Plant Control System is not possible.” P Ramadoss, Training Superintendent and Information Officer, added that the two units of the plant are currently operating “without any operational or safety concerns”.
Congress MP Shashi Tharoor had earlier sought an explanation from the government on Twitter: “This seems very serious. If a hostile power is able to conduct a cyber attack on our nuclear facilities, the implications for India’s national security are unimaginable. The Government owes us an explanation.”