Cyber threat to Nuclear Facilities- A Real and Present Danger

Sachin Tiwari
November 3, 2019


Image Courtesy: Sky News

The cyber-attack at the Kudankulam nuclear power facility linked to the North Korean hacker group Lazarus presents the question about credible protection of sensitive assets vital to national security. Indian Nuclear Corporation (NPCIL) rejected the unverified report arguing the absence of any external network connection to the facility, later the malware detected was confirmed in investigation. One of the most famous cyber-attacks reported was Stuxnet in 2010 which targeted the Natanz nuclear facility in Iran, leading to the acknowledgment of danger from cyber-attack on nuclear facilities. The primary function of the computer worm was to affect the centrifuges vital to the functioning of the uranium enrichment. It had a limited impact on the nuclear plant delaying the production. The most important aspect in the Kundankulam incident was that the nuclear facility was not connected to any external internet connection. But the sophisticated attack presented the possibility of a cyber-attack, which could have caused damage.  

Chatham House report lists a nuclear weapon system as vulnerable, especially when a new digital component is added to the nuclear system. The modern industrial system works on the SCADA (Supervisory Control and Design Acquisition), integrating the whole network for efficiency and speed vital to the modern-day economy. There have been several incidents of cyber disruptions impacting secure systems, often related to the hacking communities which are constantly working to expose the flaws in the design and system. The ‘Wannacry’ ransomware affected the industrial system globally based on the exploit of a vulnerability used by the US intelligence agencies. A Homeland Security report presented the findings that Russia was involved in cyber-attacks affecting  critical infrastructure including nuclear plants in the US and European countries, since 2016. In all these, the lesson that comes out for cyberspace is that conducting various malicious operations affecting sensitive areas can be accomplished even in ‘secure’ operations. 

The most important concern is the capability of these attacks to disrupt and attack the critical infrastructure vital to the functioning of a country. Many countries have invested substantially for the protection of cyberspace with the development of offensive capabilities. These have been demonstrated by the creation of military cyber command with penetration of their network system worldwide. However, the situation becomes more problematic when the line separating non-state actors from state actors becomes blurred. The case was evident in the Lazarus North Korean hacker group or Internet Research Agency which has links to the Russian state pertinent to its role in the 2016 US presidential elections. The link between the terrorist outfits and the criminal organizations is evident and is dangerous as various illicit groups can be hired to divert the source of threat to nation’s critical infrastructure. The capability demonstration is very different in the case of cyberspace, with even smaller power capabilities to harm having the potential to cause tremendous damage, and a lack of credible response in case of an attack furthering the vulnerability. Iran, over the years, has demonstrated its cyber capability with major cyber-attacks targeting Saudi firms and penetrating vital national assets, including banks and a dam in the US too. 

The Indo-Pacific comprises major nuclear-armed states, including India, China, North Korea, and Pakistan, apart from civilian nuclear facilities based in Japan, South Korea, and Taiwan. The international order has an underlying tension between the US and its strategic competitors especially in the cyber domain, China, Russia, Iran, North Korea. Each of these countries has pushed for aggressive maneuvers. Their actions have led to cyber conflicts and have comprised attacks on both military and civilian assets. The US and Russia have targeted critical infrastructure such as power grid and inserted the trackers in the system for exploitation in future conflicts. These actions are unprecedented due to the involvement of the civilian infrastructure which had been hitherto avoided.

The alleged cyber-attacks originating from China towards other Asian countries also come with a precautionary posture with investments as targets. The ensuing battle over the technology leadership between China and the US, especially in their contention over the building the future network is vital to the issue of cyber safety and security. Huawei’s role in using its communication network to provide surveillance tools to governments in Africa demonstrates the vulnerability over control and usage of communication networks. The integrity of the system is vital for communication and information especially in case of reliability of command and control operations relying on real-time links. This link to the dimension of the contention between major powers adds to the cyber conflict more evidently. As Brandon Valeriano and Maness assessed in their work, Cyberwar versus Cyber Realities, a large number of cyber-attacks carried out consists of regional rivalries among states as a major factor. 

The number of incidents reported, especially concerning the critical infrastructure, is moving up at a fast pace. The defense of the nuclear plants has already been highlighted as indispensable among important security measures required in the contemporary digital world for any country. Rapid integration of technologies in all systems is creating a far more complex interdependent system vital to both the military and civilian infrastructure. Strategic rivalry between states has shifted towards exploiting and disrupting the civilian communication and cyber infrastructure and is increasingly becoming the new normal. In this environment, the usual restraint observed by states is being pushed to higher threshold and in turn persuades the usage of offensive means by states and non-state actors, and nuclear facilities become the most vulnerable infrastructure.

*** The author is currently a PhD scholar at the Centre for Canadian, US and Latin American Studies, School of International Studies, Jawaharlal Nehru University ***