South Korea Plays Down Worm Infection at Nuke Plant

South Korea’s energy minister has tried to reassure parliament that a “low risk” worm which infected computer systems at a nuclear plant did not affect reactor controls.

Yoon Sang-jick told a parliamentary session last week that the worm was probably introduced by workers via infected and unauthorized USB devices.

However, he maintained that the control systems of the facilities housing the reactors were not connected to external networks and therefore safe, according to Reuters.

He claimed the incident was unrelated to a hacking attack earlier in December on operator Korea Hydro & Nuclear Power Co (KHNP). That led to non-critical data being stolen and a Twitter message by someone claiming to be the attacker threatening to shut down three reactors.

However, lawmakers were unsurprisingly dubious about Yoon’s claims.

"I doubt control systems are perfectly safe as said," Lee Jung-hyun is reported to have told the committee hearing.

The new admission of security concerns comes just days after the state-run operator conducted a two-day cyber-attack drill at South Korea’s four nuclear plants, which supply around a third of the country’s electricity.

It seems to have done little to reassure lawmakers and others about KHNP’s ability to withstand a concerted cyber-attack.

KHNP has reportedly responded to concerns by promising to increase the number of cybersecurity staff from 53 to around 70 and set up a committee to oversee the matter peopled by internal and external experts.

In a statement seen by Reuters, the operator said it was “hiking information security systems to the highest level following this cyber-attack case.”

Involvement from North Korea apparently hasn’t been ruled out.

Pyongyang is suspected by the FBI to be behind the recent destructive malware attack on Sony Pictures which led to damaging leaks of sensitive corporate information, although some security experts maintain it was more likely a malicious insider or former employee.

What’s Hot on Infosecurity Magazine?