The Indian Space Research Organisation (ISRO) has confirmed that it was warned about a cyber-attack by suspected North Korean hackers in the middle of a landmark Chandrayaan-2 moon mission in September, but found nothing suspicious at the time, The Quint reported, citing sources.
The latest revelation comes after India’s nuclear authority, the Nuclear Power Corporation of India, confirmed a cyber-attack against the Kudankulam nuclear plant in Tamil Nadu, the country’s southernmost state. Incidentally, the ISRO scientists were targeted "on the same server", Yash Kadakia, founder of Security Bridge, a Mumbai-based cybersecurity company, told the Indian edition.
The breach became public on 28 October after some of the plant’s data emerged on Virustotal.com, an online malware scanning platform, but the plant systems were confirmed to be “not affected”.
Traced Back to North Korea?
Seoul-based non-profit IssueMakersLab has claimed that they identified the malware as the same one that was used to infiltrate the South Korean military’s internal network in 2016.
“North Korea has been interested in the thorium based nuclear power, which to replace the uranium nuclear power [sic]. India is a leader in thorium nuclear power technology”, it said on 1 November.
Separately, researchers at the Russian-based cybersecurity company Kaspersky Labs reported that the last activity of a so-called Dtrack malware that targeted “banks and research centres in India” was “detected in the beginning of September 2019”. Kaspersky Labs attributed the malware to Lazarus, “an umbrella name that typically describes hacking activity which advances Pyongyang’s interests”, the Indian edition noted.
Indian Agencies Increasingly Targeted, Cyber Security Expert Claims
Several cyber-attacks have reportedly been directed against India in recent time.
Kadakia asserted at least five crucial government agencies have been attacked in the past few months, including India's Atomic Energy Regulatory Board.
“This is not really rocket science, it wasn't really anything cutting edge, it was a phishing email, an unpatched browser and a lack of monitoring”, Kadakia was cited by the FT as saying on the recent attack.
“They clicked the links and opened the malware”.
The attacks have raised a grave concern over the suspected North Korean hackers targeting the country’s infrastructure so as to disrupt operations or potentially steal and sell valuable information.
India’s Prime Minister Narendra Modi has of late championed the country as a budding, but promising, space power, although the Chandrayaan-2 mission, which was to be the first to land on the south pole of the moon, failed, having remained in space for about seven weeks.