Korea Hydro and Nuclear Power Co (KHNP), which operates South Korea’s nuclear power plants, has sought to reassure the public after a hacker released more files concerning its facilities.
KHNP is part of state-run utility Korea Electric Power Corp, and operates all 23 of the nuclear power plants located in South Korea.
A computer worm was later discovered in a device connected to the control system, but KHNP insisted that the breach had not reached the reactor controls itself.
The hacker had demanded the closure of three reactors by Christmas, and said that if they were not shut down by the deadline people should “stay away” from them. He has previously released blueprints of nuclear reactors on social networks, and well as other data such as plant air conditioning and cooling systems, a radiation exposure report and personal data of employees.
And now according to Reuters, the hacker has released more data, but a KHNP official said the data was from the December hack, and not a fresh security breach.
On Thursday the hacker used Twitter to post more files online, and included a demand for money and an email address he could be contacted. The hacker also claimed that there have been offers from other countries to buy data related to nuclear power plants.
“We don’t know how they were leaked but one thing for sure is that there has been no attack from anti-nuclear groups since December,” an official at Korea Hydro and Nuclear Power Co Ltd, told Reuters, referring to the newly posted files.
KHNP has said that all of the documents were unclassified, as was the material leaked in December.
The potential risk to systems controlling critical infrastructure and industrial systems remains a worry for many governments and authorities around the world.
The dangers to infrastructure was first revealed to the world years ago when the malware known as Stuxnet, caused damage to nearly 3,000 centrifuges in the Natanz facility in Iran. A German steelworks also suffered “massive damage” after a cyber attack on its computer network in late December.
Researchers have previously warned that security weaknesses in industrial control systems could allow hackers to create cataclysmic failures in infrastructure.
For example the United States has passed legislation that would protect its electricity grid from attacks. The GRID Act would direct the FERC (Federal Energy Regulatory Commission) to take measures to protect the electricity grid from telecommunications intrusions.
Are you a security pro? Try our quiz!
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…