“Any cyber attack on the Nuclear Power Plant Control System is not possible,” an information officer for the Kudankulam Nuclear Power Plant (KNPP) stated on Tuesday. Both KNPP’s reactors were operating nominally, he added, emphasizing that all critical systems at KNPP and other plants are “standalone and not connected to outside cyber network and Internet.”
Read More: 100 million deaths and more: The cost of an India-Pakistan nuclear war
The official statement, however, raised further questions, as many noted it neither confirmed nor denied whether any of the secondary non-critical systems might have been compromised in the alleged breach.
இதனைத் தொடர்ந்து #கூடங்குளம் மின்நிலையம் பின்வரும் செய்திக்குறிப்பை வெளியிட்டுள்ளது /7
இதில் "அவ்வாறான இணையவழி தாக்குதல்கள் ஏதும் நடைபெறவில்லை" என தெரிவிக்கப்பட்டுள்ளது.
KKNPP "has denied the cyber attacks and confirming both the Units are in operation now". pic.twitter.com/lcsmo2B3t6
— Surya 🌈 (@SuryaCEG) October 29, 2019
Cybersecurity expert Pukhraj Singh, whose tweets had triggered the avalanche of rumors, followed up with a clarification that he only spoke of an alleged lower level “domain controller” breach, instead of one on “control systems.” A hack on the domain level might affect a public-facing email address linked to the plant, for example, but would not touch its reactors or other sensitive equipment.
The former officer of the National Technical Research Organisation, Singh, also noted that he never said anything about possible culprits, because “false flags are so goddamn easy.”
Panicked rumors and headlines spread like fire after Singh tweeted on Monday that the breach had gone “public,” stating that “extremely mission-critical targets were hit” in the intrusion, which he called a “casus belli in the Indian cyberspace.”
Read more: War between two Nuclear powers will have consequences beyond borders, says Khan
Indian authorities were aware of the potential breach since at least early September, according to Singh who personally filed a report after he was first alerted by a third party. He also cited a report by independent cyber attack monitor VirusTotal, which said a form of malware known as “Dtrack” – which some linked to alleged North Korean hacking outfit, the Lazarus Group – was used against several Indian targets. The report matched an earlier finding by cybersecurity firm Kaspersky, which had detected Dtrack attacking “financial institutions and research centers” in India.
RT with additional input from GVS News Desk