The Nuclear Power Corporation of India (NCPIL) on Wednesday issued a press statement admitting that the claims of a cyber attack on Kudankulam Nuclear Power Plant (KKNPP) in Tamil Nadu is true. The admission of a cyber attack is a significant development because the NPCIL had on Tuesday rejected reports about cyber attack stressing that any attack on the Nuclear Power Plant Control System is impossible.
The denial was issued by NPCIL on Tuesday (October 29) despite reports of strong evidence of a malware attack on the IT systems of the KKNPP in September 2019.
A.K Nema, associate director of NPCIL, on Wednesday released a statement admitting that Kudankulam cyber attack indeed happened. "Identification of malware in NPCIL system is correct. The matter was conveyed by CERT-In when it was noticed by them on September 4, 2019," NPCIL said in a statement.
"The matter was immediately investigated by DAE specialists. The investigation revealed that the infected PC belonged to a user who was connected in the internet-connected network used for administrative purposes. This is isolated from the critical internal network. The networks are being continuously monitored," added the statement. The NPCIL officer, however, stressed that the plant systems are not affected.
On Tuesday (October 29), R Ramdoss, training superintendent and information officer at KKNPP, had said in a statement, "This is to clarify Kudankulam Nuclear Power Project (KKNPP) and other Indian Nuclear Power Plants' control systems are standalone and not connected to outside cyber network and Internet. Any cyber attack on the Nuclear Power Plant Control System is not possible. Presently, KKNPP's Unit-1 and 2 are operating at 1000 MWe and 600MWe respectively, without any operational or safety concerns."