Hackers Uploaded a Worm to South Korean Nuclear Plants

By Adam Clark Estes on at

Here's a scary thing that happened: South Korean authorities found evidence that a worm was recently removed from devices connected to nuclear power facilities. The news comes a little over a week after the country's nuclear plant operator received warnings on Twitter that its network had been compromised. Thankfully, the reactor controls were not infected.

The specific details of the low-risk worm remain unclear. South Korea's Energy Ministry says that the malware probably ended up on the nuclear power facilities through an unauthorised USB device. The reactor controls of Korea Hydro and Nuclear Power (KHNP), the state-run utility affected, are not connected to any external networks. However, somewhat surprisingly, Energy Minister Yoon Sang-jick told parliament that the worm was not connected to the other hacking incidents, a claim that "[drew] scepticism from some lawmakers," according to Reuters. Either way, the worm and them hacks do not reflect well on the state of South Korea's cybersecurity.

This is an especially worrisome attack in South Korea, since a third of the country's power comes from nuclear reactors. Authorities have not ruled out the possibility that North Korea is to blame, and KHCP is beefing up its cybersecurity staff from 53 to 70. That still seems like a small number of people to guard 23 nuclear reactors, huh? [Reuters]

Image via Getty