Korea Hydro and Nuclear Power Co. Hacked

Computer systems at Korea Hydro and Nuclear Power Co. (KHNP)—the operator of South Korea’s 23 commercial nuclear reactors—were hacked and information divulged via blog posts and posts on Twitter, according to the company.

The first leaks on Dec. 15 were of personal information obtained from some of the 10,799 employees of the company, but later posts included reactor cooling system valve drawings from the Kori Unit 1 nuclear power plant, internal phonebook information, and KHNP’s own secret subcategory guidelines. According to some Korean news sources, the designs and manuals from Gori Unit 2 and Wolsong Unit 1 were also released, including details on the reactors’ air conditioning and cooling systems.

KHNP says there has been no affect on the nuclear safety of the plants, because the nuclear control network is completely separate from the company’s other computer networks. It says penetration of the system from the Internet is not possible. Additionally, KHNP noted that reactor protection systems are composed of analog relay equipment, which cannot be infected by hackers.

The company announced it is conducting mock cyber attack drills on Dec. 22 and 23 using its 10 simulator training systems. Four scenarios are part of the training: malfunction of the host computer resulting in out-of-control rod withdrawal, signal disturbance of the main water-supply control system, failure of the turbine-generator control system output, and a breakdown of the switchyard power control system. KHNP claims that operators practice more than 70 hours per year on natural disaster and emergency situation simulation, which can help operators respond appropriately in the event of an emergency.

KHNP noted that other policies are also in place to prevent security breaches, such as fingerprinting and proper identification being needed to obtain entry into its nuclear power plants. It says virus scans are done on all information and communication equipment prior to plant installation.

But the assurances have not completely eased fears in the country. The hacker is said to have threatened the release of more information if three reactors—Gori Units 1 and 3, and Wolsong Unit 3—are not shutdown by Dec. 25.

The KHNP attack comes shortly after the high-profile cyber attack waged on Sony, which U.S. officials claim was carried out by North Korean hackers, and on the heels of the Cybersecurity Enhancement Act of 2014, which was passed by the U.S. Congress on Dec. 11.

Aaron Larson, associate editor (@AaronL_Power, @POWERmagazine)

SHARE this article