After the cyberattack at Kudankulam, Indian authorities responsible for the security of the Nuclear power plant have admitted to their administrative system being breached by malware, although the actual damage assessment is yet to be determined. Meanwhile, the cybersecurity community is concerned whether the Kudankulam hackers did steal India’s thorium secrets.
On the morning of October 29, 2019, GreatGameIndia was the first to report a cyberattack at Kudankulam Nuclear Power Plant (KNPP). The officials at NPCIL (Nuclear Power Corporation of India Ltd) after initially claiming the reports to be ‘false information’, did actually admit the next day that their system ‘connected to the internet connected network used for administrative purposes’ was breached by the malware.
Further, the NPCIL official claimed that their system was ‘isolated from the critical internal network’ and that their investigation confirmed ‘that the plant systems were not affected’. But as per the cybersecurity expert Pukhraj Singh, who first blew the whistle on the cyberattack at Kudankulam, ‘mission-critical systems were hit’. Although the actual damage assessment is yet to be determined, the cybersecurity community is concerned whether the Kudankulam hackers did steal India’s thorium secrets.
IssueMake Labs, a not-for-profit organisation of cyber security experts based out of South Korea who have been monitoring foreign currency earning and financial hacking activity in the Indian cyberspace atleast since a decade, have claimed that ‘the possible reason behind the attack was to obtain information about thorium-based nuclear power’.
We have long known and continuously monitored North Korea is attacking India. pic.twitter.com/92oJqFpDsZ
— IssueMakersLab (@issuemakerslab) November 5, 2019
“India is a leader in thorium nuclear power technology. Since last year, North Korean hackers have continuously attempted to attack to obtain that information” claimed the South Korean cyber expert group.
The experts also claimed that as part of their analysis of the DTrack malware, used to attack the nuclear power plant, North Korean hacker groups had attempted to hack senior Indian nuclear scientists, including Anil Kakodkar and S A Bhardwaj through malware-laced emails. “Through them, hackers can contact anyone in India’s nuclear energy sector with trusted relationship”, the Seoul based group said.
On being contacted, Department of Atomic Energy (DAE) spokesperson Ravi Shankar told TOI that “Considering the sensitivity of the matter, DAE will first check the veracity of such tweets and will then respond.” Kakodkar told TOI, “I have to first figure out what are in the tweets and then I will be in a position to respond.”
IML founder Simon Choi told TOI that they will talk about the findings soon at a security conference. “We have been monitoring North Korean hackers since 2008. We were watching the hacker that made the attack,” he said. North Korea’s Kimsuky Group attempted to steal information on the latest design of advanced heavy water reactor (AHWR), an Indian design for a next-generation nuclear reactor that burns thorium into the fuel core, IML had tweeted in April.
According to IML, their analysis reveals that there were multiple hackers, including “hacker group B”, which uses a 16-digit password – dkwero38oerA^t@# – to compress a list of files on an infected PC. They have used the same password for multiple attacks since 2007. One of the attackers also included a group that infiltrated the South Korean military’s internal network in 2016 and stole classified information.
Anil Kakodkar is the former director of Bhabha Atomic Research Centre and Chairman of Atomic Energy Commission of India. Apart from playing a major role in India’s nuclear tests asserting sovereignty, Kakodkar champions India’s self-reliance on thorium as a fuel for nuclear energy. He believes that India should be self-reliant in energy, especially by use of the cheap national thorium resources. He continues to engage in designing the Advanced Heavy Water Reactor, that uses thorium-uranium 233 as the primary energy source with plutonium as the driver fuel. The unique reactor system, with simplified but safe technology, will generate 75 percent of electricity from thorium.
S A Bhardwaj is a former chairman of the Atomic Energy Regulatory Board. Bhardwaj has been associated with nuclear fuel design activities. He is amongst the first set of pioneers who took up the power reactor fuel design and engineering activities indigenously. The fuel designs at present in use in all the operating nuclear power plants in the country are based on his designs. Bhardwaj has applied innovative means of use of Plutonium, Thorium and depleted Uranium bearing fuels in Indian Pressurised Heavy Water Reactors.
The North Korean hackers launched spear-phishing attacks on India’s nuclear energy-related experts by disguising them as employees of India’s nuclear energy organizations such as AERB and BARC. They continued their attack for about two years.
This is an image of the history of malware used by the North Korean hacker group B that hacked the Kudankulam Nuclear Power Plant(KKNPP) in India. A 16-digit string(dkwero38oerA^t@#) is the password that malware uses to compress a list of files on an infected PC. pic.twitter.com/YFiKv7wSJW
— IssueMakersLab (@issuemakerslab) November 3, 2019
Both of these high-profile Indian scientists targeted by hackers were working on Thorium based nuclear power – an area where India Is leading the world. One of the largest supplies of Thorium in the world, named after the Norse God of thunder Thor, is in India. In the 1950s India targeted achieving energy independence with the three-stage nuclear power programme:
- Stage-I : envisages, construction of Natural Uranium, Heavy Water Moderated and Cooled Pressurised Heavy Water Reactors (PHWRs). Spent fuel from these reactors is reprocessed to obtain Plutonium.
- Stage-II : evisages, construction of Fast Breeder Reactors (FBRs) fuelled by Plutonium produced in stage-I. These reactors would also breed U-233 from Thorium.
- Stage-III : would comprise power reactors using U-233 / Thorium as fuel.
In late June 2012, India announced that their “first commercial fast reactor” was near completion making India the most advanced country in thorium research. “We have huge reserves of thorium. The challenge is to develop technology for converting this to fissile material,” stated former Chairman of India’s Atomic Energy Commission. India’s first commercial fast breeder reactor is approaching completion at the Indira Gandhi Centre for Atomic Research, Kalpakkam, Tamil Nadu and validation of its core reactor physics is underway.
India has projected meeting as much as 30% of its electrical demands through thorium by 2050. India is also developing up to 62, mostly thorium reactors, which is expected to be operational by 2025. India is the “only country in the world with a detailed, funded, government-approved plan” to focus on thorium-based nuclear power.
The United States based Thorium Energy Alliance estimates “there is enough thorium in the United States alone to power the country at its current energy level for over 1,000 years.” And India has the largest thorium reserves in the world, which could power entire South Asia for more than 1,000 years. Thorium based nuclear power is a highly sensitive technology, a strategic leap which has the potential to tip the geopolitical balance of power – on which the major powers have set their eyes on since inception.
#India's Kudankulam #Nuclear Power Plant has been hit by #cyberattack. Authorities were already alerted of the threat months in advance. The power plant project built in collaboration with #Russia has been a target of foreign players since its inception.https://t.co/5ARd0iYPXe
— GreatGameInternational (@GreatGameIndia) October 29, 2019
The concept of using thorium as a nuclear fuel was proposed by the father of India’s nuclear program Homi Bhabha in the 1950s. This thorium focused strategy was in marked contrast to all other countries in the world, which at the time were more concerned about nuclear weapons. It is believed in the intelligence community that Homi Bhabha was assassinated to ultimately paralyse India’s nuclear program – specifically the research into Thorium based nuclear power.
Gregory Douglas, a journalist who taped interviews with former CIA operative, Robert Crowley, for four years, recorded their telephonic talks and later published their transcripts in a book called Conversations with the Crow. Crowley writes that CIA was responsible for assassinating Homi Bhabha. We urge the Indian government as we have done so multiple times before to launch a fresh investigation into the death of Homi Bhabha, to determine the root cause of his place crash over the Alps and thereby prepare an appropriate response.
When the Iranian Nuclear facility was hit it was claimed initially that the American National Security Agency was behind the cyberattack, since the codes and the pattern pointed to them. However, it was revealed after investigation that the hit was actually carried out by Israeli intelligence with stolen cyberweapons developed by the NSA. This methodology should be kept in mind while investigating the Kudankulam cyberattack, since all the fingers initially point to North Korea, the actual hackers maybe just using the code to mask its original identity.
Update: 13/01/2020
Months after the cyberattack at Kudankulam, the Indian government is contemplating to allow FDI in nuclear power area. The decision, likely to be considered by the Prime Minister’s Office (PMO), would be a paradigm shift in India’s nuclear power policy, and subsequently open the gates for multinational companies to overtake the country’s nuclear energy projects.
Send in your tips and submissions by filling out this form or write to us directly at the email provided.
GreatGameIndia is a journal on Geopolitics and International Relations. Get to know the Geopolitical threats India is facing in our exclusive book India in Cognitive Dissonance. Join us on Telegram for more intel and updates.