Second nuclear plant at TN's Kudankulam stops operation. Hacked?

Assassin 2.0

Update...............


High quality PSU working real hard.
I bet this worker can have some links with top brass and will not be kicked out and after few years will enjoy his pension. Difficult life.
 

south block

wtf is this????? enough is enough....kick these useless psu out of anything related to defence and national security matter...
Truth is we spent almost nothing to secure and develop cyber warfare capability. And our politicians are literally dumb to understand its importance.

Just to get a laptop issued for a new intern it takes an approvals email process that goes over a month. What do you expect from them?
both of you should not comment on the things you don't know about...you people are delusional if you think NTRO & govt agencies are useless.. it is quite easy to brag & s*** on govt while comfortably sitting in home.
 

Spindrift

both of you should not comment on the things you don't know about...you people are delusional if you think NTRO & govt agencies are useless.. it is quite easy to brag & s*** on govt while comfortably sitting in home.
They are not useless, but in this matter they are clueless. The problem here is that they are following a 19th century model of governance and administration in the 21st century.
 

Anikastha

both of you should not comment on the things you don't know about...you people are delusional if you think NTRO & govt agencies are useless.. it is quite easy to brag & s*** on govt while comfortably sitting in home.
when did I blame ntro???
read my post i said psu....if u didn't know what psu is...ask...i will tell.
ex: govt shipyards...ofb...hal....
 

Anikastha

They are not useless, but in this matter they are clueless. The problem here is that they are following a 19th century model of governance and administration in the 21st century.
every industry out there tries to improve their efficiency n quality of the product...for our psu innovation n hardwork is like alien concept....
 

south block

Seriously man...the evidence is not helping. The official explanation is bs.

Security | Questions the alleged cyber-incident at Kudankulam Nuclear Plant raises

Abhijit Iyer-Mitra

On October 29, authorities at the Kudankulam Nuclear Power Project (KKNPP), in Tamil Nadu, issued a statement denying (Image 1) the speculation of a cyber incident at the power plant. The Indian Express reported senior government officials saying that an audit had ‘confirmed that an “incident” had occurred (in early September), though not to the main operations of the plant’. The accumulated evidence, however, tells a far more disturbing story, albeit circumstantial, and the KKNPP denial raises more questions than it answers.

There are three pieces of circumstantial evidence that point to a significant cyber event having taken place.
First, as per publicly available documents, the fact that the Nuclear Power Corporation of India (NPCIL) issued tenders for (and bought) Windows systems. This shows that there were several Windows-enabled computers operational within the KKNPP air gap. As cyber expert Samuel Cardillo told me in an interview, in any nuclear power plant the administrative side is neatly separated from the operations side for security reasons. If indeed Windows was only used in the administrative side, this raises the question as to what was the operating system (OS) used on the operations side? The only alternative explanation is that the operations of the plant were run on an OS developed ab-initio by India exclusively for use by India.

This begs the question: What is this OS based on and how long did it take to integrate the said system with Russian equipment which would add a whole new layer of complexity (and vulnerability in addition to malfunction) to an already complex system? It is important to note that the virus in question ‘DTRACK’ is programmed to attack Windows operating systems.



Image 1

Second, we know for a fact from the Kudankulam data dump that KKNPP had a MyStub.exe file. Cardillo explains this as ‘the camouflage on a Trojan horse’ or to use an Indian context, it's like finding a file in a defence ministry computer titled AlJihadAlHind.exe, which should have immediately raised a red flag. He explains a stub as ‘an encrypted file that allows the virus to remain undetected — an embryo of sorts — a virus nursery that helps the virus regenerate and renew itself while staying hidden.... the fact that it was labelled MyStub should have in itself sent alarm bells ringing’. Importantly, the data dump image below shows administrator access. (Image 2)

Third, the fact that the plant has suffered multiple shut downs suggests a serious and persistent equipment problem. In many ways this is reminiscent of the Stuxnet attack on Iran, which over time, significantly reduced the efficiency of Iranian centrifuges causing them to malfunction regularly.

This is hardly surprising given that the progenitor of DTRACK was a ransom-ware system that had infiltrated Sony for over two years but stayed latent collecting information and played its hand only much later. In that sense it is impossible to tell when the virus was implanted (if it was implanted) and when it would start acting up. Certainly, the frequent failures at KKNPP point to a Stuxnet-style gradual attrition of capability. If this is not malware related, this points to a possibly more serious design problem.




Image 2; Shows administrator access

Absent in this (and KKNPP's official denial) is the discussion of India's security culture — that is to say the human angle. What one should remember is that it is a scrupulous adherence to data hygiene that prevents the breaching of an air gap. To date we have had repeated breaches of Ministry of External Affairs computers by Chinese hackers (including highly sensitive data).

Also note that the Natanz nuclear facility was not attacked via networks, but rather through a lax security culture where contractors were allowed to use private USB sticks within the Natanz air gap. Note, too, that some of these contractors also used these USB sticks in India, and transferred the virus to several Indian facilities.

Notably, unlike in the United States, where 2 per cent of nuclear programme staff are laid off every year for minor infractions (sometimes not even related to their work, such as a repeat occurrence of speeding tickets or gambling problems), we still have no transparency with regards to our personnel reliability programme.

In short, if indeed a breach has occurred, it is a human problem not a network one and KKNPP's diagnostic and denial does little to restore confidence.

Abhijit Iyer-Mitra is senior fellow at the Nuclear Security Programme of the Institute of Peace and Conflict Studies, New Delhi. Views are personal.

https://www.moneycontrol.com/news/i...es-4585321.html/amp?__twitter_impression=true


This clown Abhijit is a foreign proxy
They are not useless, but in this matter they are clueless. The problem here is that they are following a 19th century model of governance and administration in the 21st century.
this must be coming from your experience working in govt institutions I guess lol.
when did I blame ntro???
read my post i said psu....if u dint know what psu is...ask...i will tell.
ex: govt shipyards...ofb...hal....
What PSU is responsible for this failure plz explain
 

Anikastha

This clown Abhijit is a foreign proxy

this must be coming from your experience working in govt institutions I guess lol.

What PSU is responsible for this failure plz explain
i m not blaming anyone for this incident.....i was simply cross referring last month's theft on ins vikrant...i forgot to add vikrant part...
 

south block

i m not blaming anyone for this incident.....i was simply cross referring last month's theft on ins vikrant...i forgot to add vikrant part...
no you did blame PSU out of nowhere when this thread is about a cyber attack. all critical Indian military & civilian network run on closed loop, if there is a breach it's always an insider. There was no breach here.
 

south block

i m not blaming anyone for this incident.....i was simply cross referring last month's theft on ins vikrant...i forgot to add vikrant part...
One more site was targeted not just Kudankulam
 

Spindrift

this must be coming from your experience working in govt institutions I guess lol.
I have interacted with a few.
Also I have over 15 yrs of experience in the IT industry from doing enterprise level technical support to site reliability engineering. So I guess I know what I am talking about.
 

Haldiram

Update...............


High quality PSU working real hard.
I bet this worker can have some links with top brass and will not be kicked out and after few years will enjoy his pension. Difficult life.
So there's no smoke without fire and the organization hurriedly even issued a statement that all the systems are insulated from the internet. They should have at least done an investigation first.

Even during the Iran nuke site attack, the virus came from the USB drive of one of the employees, whether honeytrapped/bribed or plain case of incompetence is not sure but it's quite rich for the organization to say that it is not possible only to be revealed later that a lapse did occur.

But this sarkar is different. If they can throw out Avinash Chander unceremoniously and put a former IAF chief under CBI, there's hope that everything will be dealt with eventually, if not immediately.
 

Anikastha

no you did blame PSU out of nowhere when this thread is about a cyber attack. all critical Indian military & civilian network run on closed loop, if there is a breach it's always an insider. There was no breach here.
name the psu i blamed.....
 
