Nuclear plant in South Korea hacked

The South Korean authorities confirmed an incident to the nuclear plant revealing that the attackers have stolen also data from its systems.

Recently I wrote about a sophisticated cyber attack on a steel factory that caused severe damage, the Federal Office for Information Security (BSI) disclosed the incident in its annual security report, while in the same days, computer systems at South Korea’s nuclear plant operator have been hacked.

The Korea Hydro and Nuclear Power Co Ltd (KHNP) and the Government of Seoul confirmed the incident to the nuclear plant revealing that the hackers haven’t stolen critical data in the cyber attack. Government officials also explained that there was no risk to nuclear installations in across the country. The news of the attack arrived in the same hours the FBI blamed North Korea for the attack against the Sony Pictures, and the Government of Pyongyang is responsible for many offensives against computer network in the South. In 2013, the South Korea accused the North of a series of severe cyber attacks that targeted national banks and broadcasters.

Security Experts speculated that reactors in nuclear plants of the South Korea could be exposed to the concrete risk of cyber attacks.

“This demonstrated that, if anyone is intent with malice to infiltrate the system, it would be impossible to say with confidence that such an effort would be blocked completely,” said Suh Kune-yull of Seoul National University. “And a compromise of nuclear reactors’ safety pretty clearly means there is a gaping hole in national security,”

The Reuters Agency reported that the South Korea’s energy ministry is confident that nuclear plants in the country have in place necessary defense measures to block “any infiltration by cyber attackers that could compromise the safety of the reactors.”

“It’s our judgment that the control system itself is designed in such a way and there is no risk whatsoever,” Chung Yang-ho, deputy energy minister, told Reuters by phone.

In time I’m writing the South Korean Government has not provided any information on possible responsible.

The alleged responsible for the attack on the nuclear plant claimed responsibility for the attacks via Twitter, he revealed to be chairman of an anti-nuclear group based in Hawaii.

The individual was announcing the shutdown of three aging nuclear reactors by Thursday, he also revealed that he has stolen sensitive documents in the attack. The tweet asked for money in exchange for the leaked data.

It’s difficult, in this moment, to understand who is behind the attack, the experts don’t exclude the involvement of Anti-nuclear activists that protested against the use of nuclear power.

An official at the country’s nuclear plant operator KHNP, which is part of state-run Korea Electric Power Corp, told Reuters that the cyber attack war run by “elements who want to cause social unrest”.

“It is 100 percent impossible that a hacker can stop nuclear power plants by attacking them because the control monitoring system is totally independent and closed,” the official said.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs –  Nuclear plant cyber attack, South Korea)