SEOUL, Dec. 22 (Korea Bizwire) — Korea Hydro & Nuclear Power, a subsidiary of Korea Electric Power Corp. responsible for operation of nuclear and hydroelectric power plants, has insisted that the internal documents it was stolen by hackers were nothing important.
But it is still unable to find out how the documents were leaked out and what to do to strengthen its data security. Even though it keeps repeating that they were non-classified data and mostly technical ones, it remains to be seen how much information critical to running nuclear power plants has been pilfered outside.
The Ministry of Trade, Industry and Energy will hold a briefing session explaining interim investigation results on December 22, but it is highly questionable whether it will be able to come up with measures that would dispel people’s doubts.
The current controversy began on December 15 when an anti-nuclear environmental group called “Who Am I” disclosed personnel data of 17,000 current and former employees of Korea Hydro & Nuclear Power on its blog pages.
As the state-run enterprise didn’t realize the seriousness of the incident, the advocacy group followed up this time on the 18th with the disclosure of six files including plumbing plans and nuclear reactor control program manuals of Wolsung and Gori reactors. As the technical data were revealed, the situation at the company turned abruptly.
On the following day, the activists divulged another nine files including the reactors’ valve plans and internal system screen capture with a statement titled “Warning to Korea Hydro & Nuclear Power.”
In the early morning of the 21st, it additionally revealed four files including the design plans and manuals of the reactors in Wolsung and Gori. Despite the revelation of almost 20 files in three occasions, the company has yet to find out whether it was due to hacking or inside job. Earlier, a company official said, “It is unlikely that hackers did this because the information like nuclear reactor design plans is viewable only through the Intranet.”
As it turned out later some of the desktop computers within the company were under a malware attack, the company can no longer rule out a possibility of external hacking.
From the beginning of the incident, the company officials insisted that it was inside job. A high-ranking official also said earlier, “The network of Korea Hydro is free from hacking attacks as it is entirely separate from the Internet and the Intranet.”
As the news of malware attack was reported, however, the company was suspected for intentionally hiding the fact from the public. Every time the advocacy group released a new batch of information, the company asserted these were far from classified information.
But some in the government and the media doubt this may an indication that the company doesn’t realize yet how serious the problem of security breach is. That’s because it is unthinkable for a highly sensitive organization handling nuclear power generation facilities to allow hackers to snatch information with abandon.
Early in October this year, the company was on the news after sharing its network IDs and passwords with employees of the contractors. That means the company’s state of security management level is abject, which further deepens public distrust toward the company.
As to the group “Who Am I” that kickstarted it all, nothing has been known. Security experts said the organization is a highly organized group with trained personnel rather than hacking individuals. A posting on the 21st said, “There is nothing we can do if you don’t stop running the power plants by this Christmas.”
From this, investigators believe the perpetrators are a group of people. At the end of the message, it said, “Head of Anti-nuclear Group from Hawaii.” But the investigators said it is not likely they are operating from Hawaii.
By Sean Chung (schung10@koreabizwire.com)