The minister said there was an identification of a malware infection on Kudankulam Nuclear Power Plant (KKNPP) administrative network which is used for day-to-day administrative activities.
The government on Thursday assured the Rajya Sabha that nuclear plants in the country are absolutely safe and steps have been taken to ensure their safety after a “malware infection” was reported in the administrative network of the Kudankulam Nuclear Power Plant. “Let me assure the House that the nuclear plants in the country are completely safe,” Minister of State in the Prime Minister’s Office Jitendra Singh said during Question Hour in Rajya Sabha. “We follow the mantra of safety first and production later,” he said while replying to supplementaries.
The minister said there was an identification of a malware infection on Kudankulam Nuclear Power Plant (KKNPP) administrative network which is used for day-to-day administrative activities. The plant control and instrumentation system is not connected to any external network such as Intranet, Internet and administrative system and thus was not affected, he noted.
“The malfunctioning was confined to administrative block and the plant per se is absolutely safe,” he said. “We have now a quarterly cyber security audit from now on and have put in place an in house audit,” the minister said. He said after the malware detection a committee of experts was set up comprising directors of IIT and experts, who have made certain recommendations and the same are being implemented.
Listing out some of the measures taken, he said these include cyber security reviews, spam and network cleaning, spam filtering, scanning mail system, data protection of services, disabling of Internet access, hardened Internet and blocking of websites from intrusions and vulnerable testing of internet.
Singh said there is a complete segregation of administrative block and the network in the administratve block has nothing to do with the network in the nuclear plant. “Cyber security audit has been carried out by the Computer and Information Security Advisory Group (CISAG) of DAE along with the national agency, Indian Computer Emergency Response Team (CERT-In). It concluded that the malware infection was limited to the administrative network of KKNPP,” he said in his written reply.
“The CISAG-DAE has recommended certain measures for immediate and short term implementation which are being implemented. “In respect of further strengthening of Information Security in administrative networks, various measures have been taken viz. hardening of Internet and administrative intranet connectivity, restriction on removable media, blocking of websites and IPs which have been identified with malicious activity,” Singh said.