North Korean hackers suspected of attempt to breach ISRO in September

Hackers from North Korea are suspected to have been behind an attack on the Indian Space Research Organisation (ISRO) in September when Chandrayaan-2 attempted to soft-land a rover on the moon. ISRO may have also been warned of the cyberattack, cybersecurity consultants said, according to the Financial Times. The connection between the Chandrayaan-2 mission and North Korean hackers is being made weeks after it was reported that Tamil Nadu's Kudankulam Nuclear Power Plant was a victim of a North Korean cyberattack.

READ | Researchers Identify Chinese Group Behind Cyberattacks On India

The attack may have begun when officials of the national space agency opened phishing emails, releasing malware into their systems. North Korea has developed a worldwide reputation in cyberattacks and cyber warfare techniques in recent years. The country regularly targets South Korean financial and military systems. The United States has long accused the North Korean government of harbouring dedicated hacker units in its military establishment aimed to disrupt critical computer networks worldwide.

READ | Stay Alert And Watch Out For These Risky Cybersecurity Threats In 2020

Cyber Attack on Kudankulam Nuclear Plant

Earlier, a South Korean cybersecurity firm claimed the Kudankulam Nuclear Power Plant (KKNPP) in Tamil Nadu was attacked by North Korean “DTrack” malware to obtain internal information about “thorium-based nuclear power”. Explaining the reason behind the cyberattack, Issue Makers Lab said that, “North Korea has been interested in the thorium-based nuclear power, to replace the uranium nuclear power. India is a leader in thorium nuclear power technology. Since last year, North Korean hackers have continuously attempted to attack to obtain that information.” The Seoul-based firm also asserted that along with the plant, senior Indian nuclear scientists including former Chairman of the Atomic Energy Commission of India, Anil Kakodkar, and former Atomic Energy Regulatory Board Chairman, SA Bhardwaj, were also targeted by the hackers.

The country's state-run nuclear energy company, Nuclear Power Corporation Limited (NPCIL), had then confirmed the reports of the cyberattack. “Identification of malware in the NPCIL system is correct. The matter was conveyed by CERt-In when it was noticed by them on September 4, 2019. The matter was immediately investigated by the DAE specialist. the investigation revealed that the infected PC belonged to a user who was connected in the internet-connected network used for administrative purposes. This is isolated from the critical internal network. The networks are being continuously monitored. The investigation also confirms that the plant systems are not affected,” the Nuclear Power Corporation Limited (NPCIL) statement said. 

READ | Cybersecurity Company Sells Private User Data To Scammers, Apologises

READ | North Korea: US-S.Korea Drills Will Hamper Nuclear Negotiations