A wake-up call
The country’s nuclear reactor operations were unaffected despite a cyberattack by a hacker or hacker group that threatened to release more confidential reactor files unless the plants were closed by Christmas. But authorities should not let their guard down. Nuclear safety concerns threaten the public and even national viability, and their defense must not be put at risk under any circumstances.
The government and the nuclear operator Korea Hydro and Nuclear Power Corporation (KHNP) must learn from the recent attack and reinforce security against cyberattacks in all state infrastructure and our overall industrial base. They must draw up a white paper on how the designs and manuals of the two reactors were hacked and leaked and what they will do to beef up their capacity against cyberattacks. KHNP and the government have angered the public with the laid-back response to the series of online information leaks about the nuclear reactors’ operations.
The country’s key areas of infrastructure are exposed to the risk of cyberattack if our current posture and mindset are not fixed. Various remote activities on facilities, equipment and machinery are possible through the Internet. Not only nuclear reactors, but the traditional infrastructure of power grids, gas pipelines, the water supply system and dams are also vulnerable to cyberattack. A scene from a Hollywood film where a terrorist uses a remote system to hack into an urban infrastructure computer system and cause mayhem could become a reality.
Anti-cyber-terrorism forces must be beefed up. There are 32 nuclear reactors across the country but experts watching over the computer system number just three. Nine others are at the reactor sites.
The Korea Institute of Nuclear Nonproliferation and Control under the auspices of the Nuclear Safety and Security Commission recommends 18. The United States has 40 cybersecurity experts to watch over 105 nuclear reactors and Britain has 15 to supervise 31 reactors. All state entities operating public infrastructure should be forced by the law to be equipped with cybersecurity forces. Students majoring in science and engineering should be offered a Talpiot-like program, an elite defense forces training program in Israel where recruits are encouraged to employ science and engineering capabilities while in the military and further their expertise in research and development after service. The government should update computer security manuals for public officials working in state infrastructure organizations. The separate anti-cyber-terrorism and computer intelligence divisions in various government offices should be coordinated under a presidential secretary at the National Security Office in the Blue House. The nuclear reactor hacking should be a wake-up call.
JoongAng Ilbo, Dec. 27, Page 30