Korea Hydro & Nuclear Power Co Ltd said it would beef up cybersecurity by hiring more IT security experts and forming an oversight committee, as it came in for fresh criticism from lawmakers following recent hacks against its headquarters. The nuclear operator, part of state-run utility Korea Electric Power Corp, said earlier this month that non-critical data had been stolen from its systems, while a hacker threatened in Twitter messages to close three reactors.
The control systems of the two complexes housing those reactors had not been exposed to any malignant virus, Seoul’s energy ministry and nuclear watchdog said in a joint statement, adding the systems were inaccessible from external networks. Energy Minister Yoon Sang-jick told a parliamentary session that evidence of the presence and removal of a “worm” — which the ministry said was probably inadvertently introduced by workers using unauthorized USB devices — was unrelated to the recent hacking incidents, drawing scepticism from some lawmakers. “I doubt control systems are perfectly safe as said,” Lee Jung-hyun, a lawmaker in the ruling Saenuri party, told the committee hearing.
Worries about nuclear safety in South Korea, which relies on nuclear reactors for a third of its power and is the world’s fifth-largest nuclear power user, have mounted since the 2011 Fukushima disaster in Japan and a domestic scandal in 2012 over the supply of reactor parts with fake security certificates…Korea Hydro and Nuclear Power President and CEO Cho Seok told the hearing that all control systems of the country’s 23 nuclear reactors were safe against malignant codes. Recently, he said that cyberattacks on non-critical operations at the company’s headquarters were continuing, although he did not elaborate for security reasons.
Excerpt from South Korea nuclear operator finds computer ‘worm’ in control system, Reuters, Jan, 1, 2015