The Kudankulam Nuclear Power Plant (KKNPP) in the Indian state of Tamil Nadu on Tuesday denied being the victim of a cyber-attack after Twitter was abuzz with speculation of a spy virus having infected its systems.
Located off the Bay of Bengal in the Tirunelveli district of Tamil Nadu state, the power plant is the single largest nuclear power station in India.
The KKNPP is scheduled to have six VVER-1000 water energy reactors built through a joint venture between Russia’s Atomstroyexport and the Nuclear Power Corporation of India Limited (NPCIL). Once all six nuclear plants are built, they will generate 6,000 megawatts of electricity.
With rumours floating on social media, a Kudankulam Nuclear Power Project spokesperson had to issue a statement saying that the plant’s control system is stand alone and not connected to any cyber network or the Internet outside its periphery.
"Any cyber attack on the nuclear power plant control system is not possible", the spokesperson added in the statement.
Several people, including Indian politician Shashi Tharoor, took to social media earlier in the day to voice their concerns over the alleged mishap.
This seems very serious. If a hostile power is able to conduct a cyber attack on our nuclear facilities, the implications for India's national security are unimaginable. The Government owes us an explanation. https://t.co/5NokFcQFWs
— Shashi Tharoor (@ShashiTharoor) October 29, 2019
Does cyber security figure in the charter of the Standing Committee headed by you? Do we have any red-lines as far as cyber attacks are concerned?
— Samir/ समीर/ سمیر/ਸਮੀਰ/સમીર (@samirsrivastava) October 29, 2019
This matter is serious and requires urgent attention.
The breach apparently still active Mr. Tharoor.
— Ladak 🌏 (@NevaStopXplorin) October 29, 2019
The govt not only owes us an explanation but also needs to ACT on a war footing to remove the malware and the intrusion!
it is time to hire specialized #cybersecurityprofessionals in govt.institutions.India is IT Superpower but surprisingly lack of specialized manpower keep our strategically institutions vulnerable. Govt.should give serious thoughts on their Hiring policy for specialized talent.
— Tanmay Tyagi (@tanmay244) October 29, 2019
Nuclear Power plant control systems are not connected to internet. They operate on stand alone basis. This is just like allegations of EVM hacking.
— jaydeep desai (@jm_desai) October 29, 2019
R. Ramdoss, training superintendent and information officer at the power plant, said: "Presently, KKNPP Unit-1 & 2 are operating at 1000 MWe and 600 MWe respectively without any operational or safety concerns".
The clarification came after speculative posts emerged that the power plant was the target of a variant of a virus known as DTrack RAT.
According to the Russian anti-virus and cyber security company Kaspersky, DTrack is a variant of a malware known as AMDTrack that is able to download files to infected systems, record key strokes, and conduct other actions similar to remote controlling the infected systems.
The cyber security firm said its list of functions define it as a "spy tool".
