We’ve come across a lot of cyber-attacks on organizations on a daily basis and just yesterday, a story has been circulating on the Internet about a cyber-attack on India’s largest nuclear power plant. The story claimed that DTrack RAT virus infected the nuclear power plant’s administrative systems. This virus has been used against financial organizations in India and became notorious last September after it was discovered in a cyber-attack on ATMs in India. US Department of Justice has identified that the DTrack RAT virus is linked with the Lazarus group, a North Korean backed cyber-crime organization. Some even claimed that this group has a link with WannaCry ransomware attack back in May 2017 which costed a severe cyber-attack damage to major organizations around the world.
A recent statement and investigation by The Nuclear Power Corporation of India Limited (NPCIL) revealed that the infected PC belongs to a user who was connected to the Internet used for administrative purposes. This is isolated from the critical internal network and the networks are being continuously monitored. According to Pukhraj Singh, a reputable cyber-security consultant and former National Technical Research Organisation employee, the attackers had a “very privileged vantage point” in the network. He first alerted the Indian government regarding the possible infection after he had suspicions on suspicious data dumps.
As an International IT security services, training and certification provider in Malaysia, Condition Zebra would like to urge organizations to enhance and maintain their IT infrastructures’ security. Based on the incident above, we can classify it as a cyber warfare attack due to the cost of deliberately disrupting the activities of a state or organisations in it for strategic or military purposes.
We would like to recommend organizations which handle weapons systems to conduct penetration testing on a higher frequency because a single cyber-attack may harm the whole country’s defense capacity. Employee training is also a must in preventing such cyber-attacks to happen to organizations. Employees are typically the weakest link in an organisation’s cyber defences, with 54% of IT professionals citing negligent employees as the root cause of cyber-attack. We would also like to encourage employers to invest in employees’ cyber security training. You may check our training list here and how this training will give your organization the best return on investment.