NEW DELHI :
The National Democratic Alliance (NDA) government on Wednesday confirmed that malware was detected at state-run Nuclear Power Corp. of India Ltd’s (NPCIL) system last month.
“Identification of malware in Nuclear Power Corporation of India Limited system is correct. The matter was conveyed by the Indian Computer Emergency Response Team (CERT-In) when it was noticed by them on September 4, 2019," the department of atomic energy said on Wednesday.
CERT-In coordinates efforts on cybersecurity issues and is tasked with responding to cyberattacks, while the National Technical Research Organization is the elite technical intelligence agency.
“The matter was immediately investigated by the department of atomic energy (DAE) specialists. The investigation revealed that the infected PC belonged to a user who was in the internet connected network used for administrative purposes. This is isolated from the critical internal network. The networks are being continuously monitored," the department said. “Investigation also confirms that the plant systems are not affected," it said.
The detection of malware or malicious software in NPCIL’s system, responsible for running India’s nuclear reactors, comes against the backdrop of India’s power sector facing cyberattacks, with at least 30 events reported daily.
Mint reported on 11 September about increasing occurrences of such attacks. NPCIL is involved in all aspects of commercial nuclear power reactors and runs 22 commercial nuclear power reactors with an installed capacity of 6,780 megawatts (MW).
The cyberattacks assume importance given the increased state of hostilities in the Indian subcontinent and India’s ambitious nuclear plans that include constructing a dozen new nuclear power reactors across the country, with a total power-generation capacity of 9,000 MW. While nine reactors totaling 6,700 MW are under construction, the Indian government has also given in-principle approval for setting up nuclear power capacities totaling 25,248 MW at Jaitapur (Maharashtra), Kowada (Andhra Pradesh), Chhaya Mithi Virdi (Gujarat), Haripur (West Bengal), and Bhimpur (Madhya Pradesh).
Some high-profile cyberattacks include the November 2017 malware attack on THDC Ltd’s Tehri dam in Uttarakhand, the May 2017 ransomware attack on West Bengal State Electricity Distribution Co. Ltd, the February 2018 attack on a Rajasthan discom website, and the March 2018 attack on Haryana discoms in which the commercial billing software of the highest paying industrial customers was hacked, according to information reviewed by Mint.
The National Critical Information Infrastructure Protection Centre also reported several vulnerabilities in the state power utilities in May 2018.
The activities of NPCIL include design, construction, commissioning, operation and maintenance, renovation and modernization, research and development, upgrades, life management, and waste management.
A majority of the attacks originate from China, Singapore, Russia and the Commonwealth of Independent States countries. As such, there are growing concerns that the country’s power infrastructure could be the next target of terrorists looking to cripple its economy. The issue has assumed greater importance as India now has an integrated national power grid, with south India joining the national electricity grid in January 2014.