S. Korea nuclear plant hack: 3 reactors demanded closed by Christmas

22 Dec, 2014 13:42 / Updated 10 years ago

A South Korean nuclear plant operator’ computer system was hacked. The perpetrator has leaked blueprints and manuals, says if his demands for three reactors’ closure aren’t met, those living near the facilities should “stay away” from home.

The hacker has been releasing the internal data of Korea Hydro & Nuclear Power Co (KHNP) in stages, with the latest piece being posted online on Sunday. It came together with a warning of a major leak still ahead.

I can open to the world 100,000 pages of data that have not yet been revealed,” the hacker said in the post, cited by Korea’s Yonhap news agency. “You say this isn’t confidential material. Let’s see if you will take responsibility if the information on blueprints, systems and programs are all disclosed to the countries that want them.”

READ MORE: Cyber espionage predicted to worsen in 2015 – security experts

A Twitter user called "president of anti-nuclear reactor group in Hawaii" has claimed responsibility for the leaks.

He demands the shutdown of KHNP’s Gori-1, Gori-3 and Wolsong-3 nuclear reactors for three months starting Christmas, warning “residents near the reactors should stay away for the next few months” in case the demand is ignored.

Both the Korean government and the nuclear plants’ operator have assured no hacker can possibly damage nuclear plants.

"It is 100 percent impossible that a hacker can stop nuclear power plants by attacking them because the control monitoring system is totally independent and closed," an official at KHNP told Reuters on Monday.

READ MORE: Cyberattack on German steel mill inflicts serious damage

There’s a perception at the nuclear enterprise that the information could have been stolen before April 2013, when internal networks were isolated from all outside connection.

South Korea’s Deputy Energy Minister Lee Kwan-sup confirmed on Monday the leaked data was from Gori and Wolsong nuclear power plants, but said it was general information and claimed most of it could even be found “using Google's search engine.”

Nevertheless he still believes the leak is a reason to be wary.

"The government is handling this case with extreme care, but what we must bear in mind is that we do not know what the true intentions of these people are," Lee said, according to Yonhap.

READ MORE: Cybercrime costs half a trillion dollars annually – report

Experts in nuclear energy are less cautious with wording and take the threat very seriously.

"This demonstrated that, if anyone is intent with malice to infiltrate the system, it would be impossible to say with confidence that such an effort would be blocked completely," Suh Kune-yull of Seoul National University, who specializes in nuclear reactor design, told Reuters.

"And a compromise of nuclear reactors' safety pretty clearly means there is a gaping hole in national security," he added.

The attacks come as Seoul’s long-time adversary, Pyongyang is being center of a hacking scandal, with the US accusing it of being responsible for the cyber-attack on Sony Pictures.

READ MORE: N. Korea threatens US, demands apology for Obama’s ‘reckless rumors’ of Sony hack

South Korea, which accused its northern neighbor of hacking attacks in the past, has not yet this time pointed a finger at Pyongyang. Seoul says the incident is being investigated.

Prosecutors have traced the IP used for a blog carrying the stolen documents to an online user in a southern city, Reuters reported. The person in question denies any involvement and claims his user ID has been stolen.

KHNP has meanwhile launched a two-day exercise on Monday to prepare staff to a possible cyber-attack.

The state-run company operates 23 nuclear power reactors, accounting for 30 percent of South Korea's electricity.