South Korean Power Plants To Conduct Cyber-Attack Drills Following Hack
An anonymous reader writes: South Korea's nuclear operator has been targeted in a cyber-attack, with hackers threatening people to 'stay away' from three of the country's nuclear reactors should they not cease operations by Christmas. The stolen data is thought to be non-critical information, and both the company and state officials have assured that the reactors are safe. However, KHNP has said that it will be conducting a series of security drills over the next two days at four power plants to ensure they can all withstand a cyber-attack. The hacks come amid accusations by the U.S. that North Korea may be responsible for the punishing hack on Sony Pictures. Concerns have mounted that Pyongyang may initiate cyber strikes against industrial and social targets in the U.S. and South Korea.
That didn't stop Stuxnet. If you mandate an airgap, then employees will airgap their files, and music, and cat videos, and everything else they were using the internet for, and USB drives become the vector. Ban USB drives, and there is no airgap and no work. Data needs to go in and out of the network, one way or another. Airgap is no replacement for proper security measures and training.
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
That's my first reaction: it's one thing to set up a virtual environment and pen-test it; rather another to test systems which are currently making sure nuclear plants are running properly and fully failsafed.
Maybe I'm just paranoid 'cause I'm reading "Wolves Eat Dogs," but I sure hope they don't test on an operational plant.
https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
It's pretty common for there to be a data link from the control system to the outside world. This is to provide feedback and monitoring capability -- for load balancing, security, and so the managers have access to information about the state of the machine(s). If they're smart, this data stream is one way only, with an intermediary firewall / server controlling access. If they're really smart, the cable only has the Tx pair connected.
The plant's control systems may indeed be air gapped. However, there are still access vectors. For instance, some internet-connected switch that sits on a dedicated SCADA network might be exploited and then used to traverse the private SCADA network (which isn't necessarily TCP/IP) to access the otherwise air-gapped systems. Even exploiting non-critical or seemingly non-critical machines might affect the operation of secure isolated systems.
Then there's always the USB infection route. An unwitting user inserts a USB stick and you end up with a Stuxnet-style infection. I'd much rather a nuclear power plant take a belt-and-suspenders approach to security rather than just assume an air gap is sufficient.
I'm a loner Dottie, a Rebel.
Watch out!
Kim Jong now has the 1337 haxor skillz to set a Sony alarm clock to go off at any time he chooses!
We're doomed!
Political correctness is really just herd psychology pushed by insecure people who desperately seek social conformity.