The South Korean authorities confirmed an incident to the nuclear plant revealing that the attackers have stolen also data from its systems.
Recently I wrote about a sophisticated cyber attack on a steel factory that caused severe damage, the Federal Office for Information Security (BSI) disclosed the incident in its annual security report, while in the same days, computer systems at South Korea’s nuclear plant operator have been hacked.
The Korea Hydro and Nuclear Power Co Ltd (KHNP) and the Government of Seoul confirmed the incident to the nuclear plant revealing that the hackers haven’t stolen critical data in the cyber attack. Government officials also explained that there was no risk to nuclear installations in across the country. The news of the attack arrived in the same hours the FBI blamed North Korea for the attack against the Sony Pictures, and the Government of Pyongyang is responsible for many offensives against computer network in the South. In 2013, the South Korea accused the North of a series of severe cyber attacks that targeted national banks and broadcasters.
Security Experts speculated that reactors in nuclear plants of the South Korea could be exposed to the concrete risk of cyber attacks.
“This demonstrated that, if anyone is intent with malice to infiltrate the system, it would be impossible to say with confidence that such an effort would be blocked completely,” said Suh Kune-yull of Seoul National University. “And a compromise of nuclear reactors’ safety pretty clearly means there is a gaping hole in national security,”
The Reuters Agency reported that the South Korea’s energy ministry is confident that nuclear plants in the country have in place necessary defense measures to block “any infiltration by cyber attackers that could compromise the safety of the reactors.”
“It’s our judgment that the control system itself is designed in such a way and there is no risk whatsoever,” Chung Yang-ho, deputy energy minister, told Reuters by phone.
In time I’m writing the South Korean Government has not provided any information on possible responsible.
The alleged responsible for the attack on the nuclear plant claimed responsibility for the attacks via Twitter, he revealed to be chairman of an anti-nuclear group based in Hawaii.
The individual was announcing the shutdown of three aging nuclear reactors by Thursday, he also revealed that he has stolen sensitive documents in the attack. The tweet asked for money in exchange for the leaked data.
It’s difficult, in this moment, to understand who is behind the attack, the experts don’t exclude the involvement of Anti-nuclear activists that protested against the use of nuclear power.
An official at the country’s nuclear plant operator KHNP, which is part of state-run Korea Electric Power Corp, told Reuters that the cyber attack war run by “elements who want to cause social unrest”.
“It is 100 percent impossible that a hacker can stop nuclear power plants by attacking them because the control monitoring system is totally independent and closed,” the official said.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.