The government-run Nuclear Power Corporation of India on Wednesday admitted the presence of malware in one of the computers at Tamil Nadu’s Kudankulam Nuclear Power Plant last month. The nuclear corporation, however, added that investigations confirmed that the “plant systems are not affected” by the cyber attack.
This came a day after a Twitter user claimed that the Russian-built reactors domain controller-level access could have been compromised and a press release from the plant information officer on Tuesday categorically denied that a cyber attack was possible.
In a statement, the corporation said: “Identification of malware in NPCIL system is correct. The matter was conveyed by CERT-In [Computer emergency response team] when it was noticed by them on September 4, 2019.”
“The matter was investigated immediately by experts of the Department of Atomic Energy which revealed that the infected computer belonged to a user who was connected in the internet network used for administrative purposes. This is isolated from the critical internal network,” it added.
NCPIL said the networks were being monitored continuously.
On October 19, one of the two 1,000-megawatt nuclear power units at Kudankulam had stopped generating power. Officials in their response said it was because of malfunctioning of a mechanical device in the turbine section, and not due to any electronic complication.
On September 7, cyber intelligence specialist Pukhraj Singh had tweeted: “I just witnessed a casus belli in the Indian cyberspace and it sucks at every level.” He had not provided details then, but shared that tweet again on Monday, saying: “So, it’s public now. Domain controller-level access at Kudankulam Nuclear Power Plant. The government was notified way back. Extremely mission-critical targets were hit.”
He claimed a “third party” had discovered the intrusion and had contacted him, after which he notified the National Cyber Security Coordinator on September 3. He said the alleged attack had struck another target, which was “scarier” than the Kudankulam plant in some ways.
On Tuesday, Congress MP Shashi Tharoor demanded an explanation from the government regarding the cyber attack. “If a hostile power is able to conduct a cyber attack on our nuclear facilities, the implications for India’s national security are unimaginable,” he tweeted.
NPCIL, which designs, constructs and runs nuclear power reactors in the country, currently operates 22 commercial nuclear power reactors with an installed capacity of 6,780 megawatts, according to its website.
Now, follow and debate the day’s most significant stories on Scroll Exchange.