The Nuclear Power Corporation of India Limited (NPCIL) and the Indian Space Research Organisation (ISRO) have been alerted of a possible breach by suspected malware, say reports.
On September 4, the National Cyber Coordination Centre, set up under a classified project “to generate necessary situational awareness of existing and potential cyber security threats and enable timely information sharing,” received intelligence from a US-based cybersecurity company that a “threat actor” had breached master “domain controllers” at the Kudankulam plant of the NPCIL and at ISRO with a malware, later identified as “Dtrack.”
The breach at the Kudankulam plant became public on October 28 after some of the plant’s data showed up on virustotal.com, an online malware scanning service. On October 29, Kudankulam Nuclear Power Project (KKNPP) said that no cyber-attack was possible on the plant’s standalone control system. The next day, however, NPCIL admitted there had been an infection “in the internet connected network used for administrative purposes” and that “the matter was immediately investigated by DAE specialists.” It added: “This (network) is isolated from the critical internal network. The networks are being continuously monitored. Investigation also confirms that the plant systems are not affected.”
But there has been no word from ISRO so far.
