The nuclear security of India has become a matter of concern once again following a ransomware attack, in which thousands of files were leaked that were associated with the country’s biggest nuclear power project.
According to the cybercriminal group World Leaks, it has leaked over 19,000 documents related to the Kudankulam Nuclear Power Plant on the dark web.
The files are said to be part of a large collection of some 858,000 documents allegedly stolen from Reliance Group, a contractor.
Reuters has looked at extracts of the leaked material, but has not been able to independently confirm the authenticity of the documents.
Reliance Group said it suffered from a partial hack of data on a server operated by data centre provider Yotta in India.
Read more: What is the story of Cockroach Janta Party in India?
The Indian government was notified of the attack, the company said, and Yotta said it identified and thwarted a ransomware attack on May 29, but later learned that the attackers claimed to have acquired stolen data.
The documents apparently contain engineering plans for ventilation and cooling systems, designs of control rooms, reports of equipment inspections, supplier details, minutes of meetings on the project, and insurance documents for Units 3 and 4 of the Kudankulam plant, which are being built and will begin operating by 2027.
No designs from Russia’s Rosatom reactor supplier seem to have been breached.
There is no indication that any operational reactor systems were compromised, but cybersecurity experts say that the data exposed may allow an adversary to gain an insight into vulnerabilities in support infrastructure, contractors and supply chains that are related to the facility.
The Computer Emergency Response Team of India (CERT-In) and Nuclear Power Corporation of India are seeking to probe the incident.
The incident has also reignited worries about India’s cybersecurity capabilities, especially after the detection of malware associated with a North Korean hacking group in 2019 on Kudankulam’s administrative network.
The latest leak highlights the escalating threat to India’s key infrastructure and new concerns about the security of crucial data related to nuclear operations.
Also read: Bloomberg report exposes cracks in India’s economy under Modi rule