News that hackers successfully infected at least one computer inside an Indian nuclear power plant once again raises concerns about targeting of the energy sector by cyber means.
In a terse statement, the government’s Nuclear Power Corporation of India acknowledged the attack, but downplayed its seriousness: “the infected PC belonged to a user who was connected [to the Internet] for administrative purposes. This is isolated from the critical internal network”.
There are two reasons not to breathe a sigh of relief:
Firstly, some researchers are linking the malicious software used in the hack to North Korea’s Lazarus group, which the US government believes was behind 2017’s ruinous WannaCry attack, along with the hacking of Bangladesh Bank and Sony Pictures Entertainment.
I’m not aware this group has targeted the energy sector before, and if they’re doing so now, it’s a worrying change of tactics.
As some have pointed out, it could be that they were just using the nuclear power station as a staging post for their hacking infrastructure, and not targeting the plant itself.
However, secondly, any hackers who worked out they were inside a power station would probably be trying their damnedest to break into the critical bits of the network, and if claims that they had “domain controller-level access” to the systems in the Indian plant are correct, it’s concerning.
For my forthcoming book on cybercrime, Crime Dot Com (out next year), I wrote a chapter on energy sector cyber attacks, including the targeting of the UK’s nuclear infrastructure by suspected Russian hackers.
What industry experts described to me was a world in which more and more parts of the energy industry are being connected to the Internet. This is partly to provide remote maintenance options, but also in a bid to free up the massive amounts of data generated by the grid, which are a goldmine for commercial purposes.
As a result, it’s getting harder and harder to isolate the critical internal network from the Internet-facing bits. If the Indians managed it, good for them. In future others won’t be so fortunate.