South Korea's nuclear power industry reportedly hacked, raising safety and security concerns
December 22, 2014
admin

Map and chart of South Korea's 23 atomic reactors, with many more on the drawing boardsAs reported by the Korea JoongAng Daily on Dec. 20th, on Dec. 15th, design blueprints and detailed instructions regarding safety control systems at South Korea's two largest nuclear power plants -- Gori (with six operating reactors, two more under construction, and two more planned) and Wolseong (six operational reactors) -- were posted on South Korea's biggest Web portal site.

At 4,137 Megawatts-electric and 2,779 MWe, respecitvely, the Gori and Wolseong nuclear power plants are already the biggest in the world; but they are projected to expand to 7,937 MWe and 4,779 MWe, respectively. (See the EJA map and chart, above, as well as the Wikipedia entry "Nuclear Power in South Korea.") Altogether, there are currently 23 atomic reactors in South Korea, with more planned.

News of the leak became public once Korea Hydro and Nuclear Power Corporation (KHNP) -- part of the state-run Korean Electric Power Corporation (KEPCO) -- officially requested an investigation by the Seoul Supreme Prosecutor's Office, and the Korean National Police Agency Cyber Bureau, on Dec. 18th. The provocative blog was also supposedly shut down that same afternoon.

Park In-sik, a spokesman for KHNP, was quoted as saying "The blueprint is often used by operators at the Gori plant when managing the reactor. And the program control manual was actually published in 2009 and handed out to employees as part of a training program at the Wolseong 1 reactor."

KHNP was reported to have added: "We acknowledge [our information management] has been lax, but we can only take action against the leak after the investigation is complete. To prevent additional leaks, all data stored on computers inside our offices was encrypted this morning," presumably Dec. 20th.

(Is there a Korean saying akin to the American English "Why close the barn door after the horse is gone?"?!)

The article quoted a National Information Security Service official as warning "If these reactor blueprints and system manuals are leaked, we could be faced with a situation where someone posing as an employee could log onto the main reactor control system and commit a terrorist act."

However, in a Dec. 22nd Reuters article, KHNP downplayed the risks, labeling the stolen data as "non-critical";  a South Korean deputy energy minister, Chung Yang-ho, was quoted as saying "It's our judgment that the control system itself is designed in such a way and there is no risk whatsoever." A KHNP spokesman was also reported to have said "It is 100 percent impossible that a hacker can stop nuclear power plants by attacking them because the control monitoring system is totally independent and closed."

But nuclear reactor design specialist Suh Kune-yull of Seoul National University was quoted by Reuters as countering "This demonstrated that, if anyone is intent with malice to infiltrate the system, it would be impossible to say with confidence that such an effort would be blocked completely. And a compromise of nuclear reactors' safety pretty clearly means there is a gaping hole in national security."

Who leaked the information to the internet, and why?

Although providing no specifics, the Korea JoongAng Daily article reports "Although no details about the identity of the blogger were disclosed, the user identifies themselves [as] 'the head of antinuclear power group's Korean branch.'"

The Korea JoongAng Daily quoted "Who am I?", the user name of the blogger, as writing "Why did we attack the control system? Because we don’t want to suffer disasters like the Fukushima accident...Nuclear power is not a safe source of energy anymore. People living near the nuclear power complex have filed a class action suit claiming that they have been suffering from thyroid cancer."

The Korea JoongAng Daily reported that "hacked information posted on the blog included test results for thyroid cancer for residents living around the Gori reactor, as well as some personal information of about 10,800 current and former KHNP employees."

The atomic reactor-generated radionuclide Iodine-131 is known to cause thyroid pathology, whether released in relatively small amounts as a so-called "routine emission" from regular nuclear power plant operations, or during a nuclear catastrophe, as at Three Mile Island, Chernobyl and Fukushima.

But it must be emphasized that the leading anti-nuclear power organizations in South Korea -- groups like KFEM (Korea Federation for Environmental Movements), a national member of Friends of the Earth International -- have a long and proud tradition of non-violent anti-nuclear activism. They are dedicated, of course, to preventing catastrophic radioactivity releases, not facilitating such disasters by making nuclear power plants vulnerable to terrorist attack.

By contrast, the Reuters article placed the supposed anti-nuclear blogger in Hawaii, again providing no specifics. The anti-nuclear power movement of the United States, of course, is unanimously dedicated to non-violence and radiological prevention.

However, the Reuters article explicitly addresses another possibility, the elephant in the room: that the source of the hack was instead the North Korean military dictatorship. After all, the breach of the South Korean nuclear power industry comes amidst accusations by the FBI and White House that the Kim Jong-un regime in North Korea is responsible for the salacious, high-profile, costly hack against Sony Pictures described by President Obama as "cyber vandalism." North Korea has denied the charges.

Both articles have reported that the provocative blog threatened to expand the attack, and post further revelations of critical nuclear power safety information, on Christmas Day, if the two South Korean nuclear power plants are not shut down, and a ransom (for lack of a better word) paid.

The Guardian has reported the hack has prompted two days of emergency preparedness exercises at South Korean nuclear power plants, as well as increased security vigilance at U.K. atomic reactors.

North Korean threats against U.S. nuclear power plants?!

Bill Gertz, Senior Editor of the blog Washington Free Beacon, reported on Dec. 18th that very heavily redacted U.S. Defense Intelligence Agency (DIA) documents, recently released under the Freedom of Information Act (FOIA), have revealed that five North Korean commando sleeper cells had been deployed into the U.S. in the 1990s, to potentially attack U.S. nuclear power plants in the event of hostilities between the two countries.

Gertz links to a blog entitled The DMZ War: 1953 to Today, where documents purporting to comprise the DIA FOIA release are posted.

A few other online blogs, such as The Inquisitr, as well as Fox News, have reported on or reprinted the Washington Free Beacon's allegations. However, no other news organizations have done so. Beyond Nuclear can provide no further authentication of the these alarming claims.

Update on December 23, 2014 by Registered Commenteradmin

On the same day that news breaks of North Korea's "mysterious" nationwide internet blackouts, a sobering warning appears in the UBS international power producer investment firm's newsletter headlined "Power Shock-Top 15 Utility Items for 2015: Our Take on the Road Ahead" (December 23, 2014):  

(16)  *Bonus Theme*: Grid security? While we are scared to see this come to fruition, we emphasize regimes like North Korea could be keenly focused on targeting the electric grid. We see this as a clear operational risk – but more broadly, an opportunity to ramp up spending for utilities across the sector. Industry discussion of the subject has remained muted given national security concerns. Should an 'event' occur, we believe this could emerge as among the most significant themes in the sector – with spending to follow."  

Cyber attacks represent a significant external security threat for every U.S. nuclear power plants where 100% of reactor safety systems primarily depend on the electric grid for power. The loss of offsite power (LOOP) diminishes reactor safety margins as well as an automatic SCRAM of the power reactors. Preparing for the extended loss of off-site power potentially coupled with the simultaneous loss of on-site emergency backup power is one of the major  lessons-learned from the Fukushima Diaiichi nuclear catastrophe.  While the industry and regulator have made much of the  remote probability of a  tsunamis for the United States, the investment community is acknowledging how a deliberate cyber-tsunami means extra spending to shore up vulnerable safety systems at these inherently dangerous reactors.

Article originally appeared on Beyond Nuclear (http://www.beyondnuclear.org/).
See website for complete article licensing information.