Wednesday, October 30th 2019
India's Largest Nuclear Power Plant Denies Rumors of Cybersecurity Breach Stopping a Reactor
The Kudankulam Nuclear Power Plant (KKNPP) is India's largest, with two operational 1,000 MWe reactors, and four more under construction, making up a nameplate capacity of 6,000 MWe (electrical output) when fully built. Last Saturday (26th October), unit 2 was taken offline due to an "SG level low" (steam generator level low) error. This event, roughly coinciding with Twitter chatter on an alleged cyber-attack on the plant's computers on Tuesday, spread panic. Twitter threads from cyber-security handles chronicle a possible DTrack malware attack that gained access to the plant's domain controller.
On Tuesday, state-owned Nuclear Power Corporation of India (NPCIL), which operates KKNPP, put out a press-release denying these rumors. In the press release, plant spokesperson R. Ramdoss states that the plant's computers are isolated from the Internet, and that an external cyberattack is "impossible." He stated that Unit 2 was taken offline due to a mechanical problem in its turbine hall (levels of steam being too low to turn the turbine). It's important to understand that a "Unit" in power plant jargon is a combination of a reactor and its turbine hall. The reactor splits atoms to heat water and make steam, the turbine hall uses this steam to make electricity. A "unit" being offline doesn't necessary mean that its reactor is, but that it's simply not putting out power to the grid. Ramdoss stated that as of Tuesday, units 1 and 2 were putting out 1,000 MWe and 600 MWe, respectively.
Update (late-Wednesday, 10/30): NPCIL retracted its earlier statement denying a cyber-attack, and released another press-release, stating that one of its PCs in the plant's administrative block that was exposed to the Internet, was infected by malware, and is being cleaned. This PC is isolated from the plant's internal network that operates the various critical systems. The investigation also revealed that the plant's internal computers are unaffected. The new press-release is pictured above. From the looks of it, the operational error on Saturday is unrelated to the cyber-attack.
Sources:
The Hindu, Arstechnica, Suryaceg (Twitter), Zee News
On Tuesday, state-owned Nuclear Power Corporation of India (NPCIL), which operates KKNPP, put out a press-release denying these rumors. In the press release, plant spokesperson R. Ramdoss states that the plant's computers are isolated from the Internet, and that an external cyberattack is "impossible." He stated that Unit 2 was taken offline due to a mechanical problem in its turbine hall (levels of steam being too low to turn the turbine). It's important to understand that a "Unit" in power plant jargon is a combination of a reactor and its turbine hall. The reactor splits atoms to heat water and make steam, the turbine hall uses this steam to make electricity. A "unit" being offline doesn't necessary mean that its reactor is, but that it's simply not putting out power to the grid. Ramdoss stated that as of Tuesday, units 1 and 2 were putting out 1,000 MWe and 600 MWe, respectively.
5 Comments on India's Largest Nuclear Power Plant Denies Rumors of Cybersecurity Breach Stopping a Reactor
12001000 MWe reactors. Units three and four (middle) have started construction.The hackers may have gotten into the business side of the facility but, as they said, the systems controlling the reactors are offline.
www.thehindu.com/news/national/Kudankulam-Nuclear-Power-Plant-attains-criticality/article14483325.eceThe reason why I brought it up is because OP has "nameplate capacity of 6,000 MWe (electrical output)" which I think you were getting from when all six units are installed. Nameplate capacity goes by maximum amount of power the facility can safely supply to the grid which is 1864 MWe until reactors 3 & 4 are operational.
Updated with a flip-flop from NPCIL. They maintain this was an admin block PC that was connected to the Internet, and isolated from the actual computers that run the plant.