Days after a malware attack on the IT systems was reported at the Kudankulam Nuclear Power Plant (KKNPP) in Tamil Nadu, the Indian Space Research Organisation (ISRO) was alerted of a similar breach by suspected malware, The Indian Express reported on Wednesday, 6 November.
WHAT WE KNOW
The Nuclear Power Corporation of India Limited (NPCIL) and ISRO were, on 4 September, alerted about the security breach after National Cyber Coordination Centre, on 3 September, received intelligence inputs about the "threat actor," according to The Indian Express.
The malware, which was later identified as DTrack, had breached the master domain controllers at the Kudabkulam plact and at ISRO.
However, a multi-agency team at ISRO swung into action soon after the threat was received, about 100 hours ahead of its lunar landing mission of Chandrayaan-2, The Indian Express reported quoting sources.
WHAT WE DON'T KNOW
However, the ISRO has not confirmed the incident and is yet to respond to the queries, The Indian Express reported.
The NPCIL, on 30 October, confirmed in an official press release that the identification of “malware in NPCIL system is correct,” a day after blanket denial that “any attack on the Nuclear Power Plant Control System is not possible.”
NPCIL senior official AK Nema said that the matter had been conveyed by CERT-In on 4 September. This corroborates cybersecurity expert Pukhraj Singh’s claim that he had informed the National Cyber Security Coordinator of the DTrack malware attack on 3 September.
“The matter was immediately investigated by DAE specialists,” the press release clarified.
According to the statement, the infected computer belonged to a user who was connected to the internet. This Internet network was “isolated from the critical internal network”, the press release said.
(With inputs from The Indian Express.)