The Nuclear Energy Corporation of India (NPCIL) has confirmed on Wednesday that the largest and most modern nuclear power plant in the country, Kudankulam, was attacked with malicious software. The virus used has been previously found in cyberattacks linked to North Korean groups.
The Corporation ensures that the main internal network is safe after being isolated. However, cybersecurity experts contradict the official version and believe it has reached key information. “The identification of a malicious virus in NPCIL is true,” confirmed the agency’s deputy director, AK Nema, before stating that the infected computer was from a user connected “to the internet network used for administrative purposes.”
“The systems of the plant have not been affected” and the circuits are being “continuously monitored”, he added. The Cyber Emergency Team was aware of the attack on September 4 and “the problem was investigated immediately” by specialists from the Department of Atomic Energy said Nema.
The cyberattack was publicly known last Monday, when the VirusTotal website published a data submission that seemed to point to a fault in the plant’s system, located in Tamil Nadu in the south of the country. The data indicated the presence of a track an evil program. On Tuesday, those responsible for the nuclear plant published a denial while experts commented on the security breach on Twitter.
“The attackers managed to see confidential information in the system,” explains cybersecurity expert Pukhraj Singh, who has posted on Twitter the text with which he gave the alarm to the Indian authorities already in September.
“This should have been a call of attention for India and it’s a euphemism, “said Singh, who worked for the National Organization for Technical Research (NTRO), the Indian equivalent of the US National Security Agency. The expert described the incident at the time of ” casus belli in Indian cyberspace”.
The track was used in a 2016 attack in which financial information was stolen from millions of Indians, experts say. The cybersecurity company Kaspersky has ensured that the virus has “similarities to the DarkSeoul campaign”, a spying program for South Korean banks and media attributed to the famous Lazarus Group, connected with cyber-terrorist groups in North Korea.
According to a United Nations report published last August, cybernetic groups in North Korea (many of which operate under direct government control) have been extended thanks to their “growing sophistication” and have contributed Pyongyang with about $ 2 billion. (about 1.8 billion euros) that he has used in his program of weapons of mass destruction.
The Prime Minister, Narendra Modi, wants to bring the Internet to the vast population of the country under the Digital India program, criticized for the absence of cybersecurity laws and updated legal framework.
This month, Delhi announced tenders for private companies to prepare the largest network of facial recognition in the world, which will join the national biometric system in which more than one billion citizens are already enrolled, despite continued leaks of private data from your users