Computer systems at a South Korean nuclear power plant have been hacked, causing the company to conduct drills to test its ability to cope with a full-scale cyber-attack.
Some documents belonging to KHNP – part of the state-run utility Korea Electric Power Corp – leaked online, but the organisation said there was no hacking of the nuclear reactor operations.
According to the BBC, designs and manuals of plant equipment were put online by the cyber criminals.
The company has said it plans to conduct a series of large-scale drills at four nuclear power plant complexes this week.
Earlier this month, Sony Pictures Entertainment fell victim to a cyber attack which revealed data online including: a list of employee salaries and bonuses; social security numbers and dates of birth; employee performance reviews; criminal background checks and termination records; correspondence about employee medical conditions; passport and visa information for film actors and crew; internal emails; and unreleased films.
Sony said the breach was the result of a “brazen attack” on the company, its employees and its business partners, indicating the attack either extends to or involves the company’s supply chain.
That FBI revealed the malware used Microsoft Windows components to propagate, shut down network services and get instructions from its controllers. This means that enterprises that use Windows and Microsoft server software are vulnerable to attack, especially those not using the latest versions of the software.
At the time, reports that suggested the attack had come from North Korea were dismissed as inaccurate, but the FBI has since said there is enough evidence to accuse the totalitarian country.
A Computer Weekly source said he felt it was important that the FBI and President Obama was getting involved in a cyber attack.
“I think security is the big topic,” he said. “Imagine life if the bad guys hacked and damaged air traffic control, railways, traffic lights, power grid, gas distribution, logistics systems, food distribution, power stations and so on. Not a nice thought.”
But there is no evidence as yet to suggest that North Korea had anything to do with the attack against South Korea’s nuclear power.
In 2013, South Korea accused North Korea of the cyber attacks that shut down thousands of computers at several major broadcasters and banks in South Korea. South Korean investigators said some of the malware discovered on targeted computers was used in previous attacks linked to North Korea.