According to an earlier report the Indian company originally denied the assertion.

The Nuclear Power Corporation of India Limited, or NPCIL, confirmed Wednesday that the original report of malware in the Kudankulam Nuclear Power Plant (KKNPP) is correct. The malware was attributed to the Lazarus cybercrime group. In the release, NPCIL Associate Director A. K. Nema said, “The matter was conveyed by CERT-In when it was noticed by them on September 4, 2019.” CERT-In is India’s National Computer Emergency Response Team.

Nema added that the matter was immediately investigated by India’s Department of Atomic Energy.

“The investigation revealed that the infected PC belonged to a user who was connected in the internet-connected network for administrative purposes. The networks are being continuously monitored,” Nema said.

The confirmation of a malware hack comes the day after the NPCIL denied that an attack would affect the KKNPP, according to an earlier report from Ars Technica, which also reported on the malware confirmation.


Source: CNET