The Kudankulam Nuclear Power Plant, the most powerful such station in India, has denied that it was the target of a cyber attack, clarifying that its network is “stand alone” and is not connected to the outer internet. “Any cyber attack on the Nuclear Power Plant Control System is not possible,” an information officer for the Kudankulam Nuclear Power Plant said in a statement.
The statement was released hours after Twitter went abuzz with reports of a cyber attack at the Kudankulam Nuclear Power Plant. The unverified reports pointed to a variant of a virus known as ‘DTrack RAT’ having infected the systems at the Kudankulam Nuclear Power Plant.
A report by news agency IANS from earlier month saying that one of the two power reactors at the Kudankulam Nuclear Power Plant had suspended operations was linked by Twitter users to this alleged cyber attack.
Reacting to the social media posts, Congress MP Shashi Tharoor called for an explanation from the government. “This seems very serious. If a hostile power is able to conduct a cyber attack on our nuclear facilities, the implications for India’s national security are unimaginable. The Government owes us an explanation,” Tharoor, who heads the parliamentary standing committee on information technology, said in a tweet.
However, in a statement issued Tuesday, the power plant, located off the Bay of Bengal in Tamil Nadu’s Tirunelveli district, denied the reports and said both the reactors were functional at the moment.
“Some false information is being propagated on the social media platform, electronic and print media with reference to the cyber attack on Kudankulam Nuclear Power Plant,” R. Ramdoss, training superintendent and information officer at the power plant, said.
“This is to clarify Kudankulam Nuclear Power Project (KKNPP) and other Indian Nuclear Power Plants Control Systems are stand alone and not connected to outside cyber network and Internet. Any cyber attack on the Nuclear Power Plant Control System is not possible,” Ramdoss said. “Presently, KKNPP Unit-1 &2 are operating at 1000 MWe and 600 MWe respectively without any operational or safety concerns.”
The clarification from the Kudankulam Nuclear Power Plant came after speculative posts by Twitter handles linked to cyber security suggested that the power plant was the target of a variant of a virus known as DTrack RAT.
According to the Russian anti-virus and cybersecurity company Kaspersky, DTrack is a “spy tool” that was discovered by the firm’s researchers “in Indian financial institutions and research centers”. In a press note from September this year, Kaspersky suggested that DTrack was a variant of a malware known as AMDTrack that was created to “infiltrate Indian ATMs and steal customer card data”.
According to Kaspersky, DTrack is able to download files to infected systems, record key strokes and conduct other actions similar to remote control of the infected systems. The cybersecurity firm said its list of functions define it as a “spy tool”.
Interestingly, DTrack is believed to have been created by the shadowy hacker collective Lazarus that has been linked in media reports to North Korea. Lazarus was the group believed to be behind the 2017 WannaCry ransomware attack that hit users in over 100 countries and the infamous 2014 hack of the film studio Sony Pictures, which ranks among the worst corporate breaches in history.