Users online claim Kudankulam nuclear power plant was hit by a cyber attack

In these hours an alleged cyber attack on the Kudankulam Nuclear Power Plant in Tamil Nadu made the headlines, but the KKNPP denies it.

Worrying news made the headlines, the Kudankulam Nuclear Power Plant (KKNPP) was hit by a cyber attack. Some users are claiming on the social media that a piece of the ‘DTrack’ malware has infected the systems at the KKNPP.

The DTrackmalware was described by Kaspersky in September as a tool that could be used to spy on the victims and exfiltrate data of interest. The malware supports features normally implemented in remote access trojan (RAT). Below a list of some functionalities supported by the Dtrack payload executables analyzed by Kaspersky:

• keylogging,
• retrieving browser history,
• gathering host IP addresses, information about available networks and active connections,
• listing all running processes,
• listing all files on all available disk volumes.

The KKNPP is the largest nuclear power plant located at Kudankulam in Tamil Nadu, but personnel at the nuke plant has denied the incident.

“Amid claims on the social media that there has been a cyber-attack on India’s largest nuclear power plant located at Kudankulam in Tamil Nadu, the atomic power station has denied that it has been the target of any such nefarious activity.” reads a post published by the TimesNowNews website.

“In a statement issued on Tuesday, the Kudankulam Nuclear Power Plant (KKNPP) refuted reports of the alleged cyber-attack, calling it ‘false information’. “

KNPP declared that its network is safe and that the control room of the nuclear power plant is not exposed online.

“Any cyber-attack on the Nuclear Power Plant Control System is not possible,” the statement stated categorically.

The news of the attack was initially spread by this Twitter use that reported the malware infection:

According to a report by news agency IANS, one of the two power reactors at the KKNPP had suspended operations due to the alleged cyber attack.

Congress MP Shashi Tharoor called for an explanation from the government authorities.

The reply of the personnel at the nuclear plant is eloquent, the news of the cyber attack is fake.

“Some false information is being propagated on the social media platform, electronic and print media with reference to the cyber attack on Kudankulam Nuclear Power Plant,” R. Ramdoss, training superintendent and information officer at the power plant, said.

“This is to clarify Kudankulam Nuclear Power Project (KKNPP) and other Indian Nuclear Power Plants Control Systems are stand alone and not connected to outside cyber network and Internet. Any cyber attack on the Nuclear Power Plant Control System is not possible,” Ramdoss said. “Presently, KKNPP Unit-1 &2 are operating at 1000 MWe and 600 MWe respectively without any operational or safety concerns.”

“It may be noted here that the second 1,000 MW nuclear power unit at Kudankulam had stopped generating power on October 19. It was reported that the atomic power plant stopped power generation owing to low “SG level”.” concludes The Times Now News.

“The KKNPP, owned by the Nuclear Power Corporation of India Ltd (NPCIL), has two 1,000 MW nuclear power plants. The plants were constructed using Russian equipment.”

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – KKNPP, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]