South Korean Power Plants To Conduct Cyber-Attack Drills Following Hack

An anonymous reader writes South Korea's nuclear operator has been targeted in a cyber-attack, with hackers threatening people to 'stay away' from three of the country's nuclear reactors should they not cease operations by Christmas. The stolen data is thought to be non-critical information, and both the company and state officials have assured that the reactors are safe. However, KHNP has said that it will be conducting a series of security drills over the next two days at four power plants to ensure they can all withstand a cyber-attack. The hacks come amid accusations by the U.S. that North Korea may be responsible for the punishing hack on Sony Pictures. Concerns have mounted that Pyongyang may initiate cyber strikes against industrial and social targets in the U.S. and South Korea.

Re:airgap

[oodaloop]

That didn't stop stuxnet. If you mandate an airgap, then employees will airgap their files, and music, and cat videos, and everything else they were using the internet for, and USB drives become the vector. Ban USB drives, and there is no airgap and no work. Data needs to go in and out of the network, one way or another. Airgap is no replacement for proper security measures and training.