중앙데일리

Hacker posts nuclear plant blueprints

Dec 20,2014
The design blueprints of nuclear reactors and other parts of the nation’s two largest nuclear power plant complexes were leaked, raising alarm about lax protection of sensitive information that could be used by terrorists.

Blueprints of Korea’s nuclear reactors, as well as detailed explanations on how to manage the control software at the Gori and Wolseong nuclear power plants, was posted on a blog on the nation’s biggest Web portal site Naver on Monday. The blog is run by a user who goes by the nickname “Who am I?”

“The blueprint is often used by operators at the Gori plant when managing the reactor,” said Park In-sik, a spokesman for the Korea Hydro and Nuclear Power Corporation (KHNP). “And the program control manual was actually published in 2009 and handed out to employees as part of a training program at the Wolseong 1 reactor.”

Additional hacked information posted on the blog included test results for thyroid cancer for residents living around the Gori reactor, as well as some personal information of about 10,800 current and former KHNP employees.

Although no details about the identity of the blogger were disclosed, the user identifies themselves the “head of an antinuclear power group’s Korean branch.”

The blog has been shut down since Thursday afternoon.

News of the leak was made public after the state-run nuclear reactor operator KHNP requested a formal investigation from the Seoul Supreme Prosecutors’ Office and the Korean National Policy Agency Cyber Bureau Thursday.

“We acknowledge [our information management] has been lax, but we can only take action against the leak after the investigation is complete,” said the KHNP spokesman. “To prevent additional leaks, all data stored on computers inside our offices was encrypted this morning.”

The breach of sensitive information obviously raised the fear of terrorists gaining a hold of it.

“If these reactor blueprints and system manuals are leaked, we could be faced with a situation where someone posing as an employee could log onto the main reactor control system and commit a terrorist act,” said an official from the National Information Security Service.

The Ministry of Trade, Industry and Energy said in a statement Friday it found no traces of cyberattacks on the main control network.

Yet the blogger who posted the information said a professional hacker provided it, and that the hacker’s motive was the dismantling of local power plants.

“Why did we attack the control system? Because we don’t want to suffer disasters like the Fukushima accident,” wrote the blogger. “Nuclear power is not a safe source of energy anymore. People living near the nuclear power complex have filed a class action suit claiming that they have been suffering from thyroid cancer.”

The blogger claimed that the hacker put over 16,200 pieces of malicious code into KHNP’s system and is planning another attack on Christmas.

BY LEE TAE-KYUNG, LEE HYUN-TAEK AND KIM JI-YOON [jiyoon.kim@joongang.co.kr]







dictionary dictionary | 프린트 메일로보내기 내블로그에 저장