back to article NUKE HACK fears prompt S Korea cyber-war exercise

The firm running South Korea's nuclear plants has decided to run cyber-war drills following the leak of sensitive data and threats from unidentified hackers. Korea Hydro and Nuclear Power Co (KHNP) has decided to run the exercises after the online leak of plant equipment designs and manuals last week. The technical documents …

  1. frank ly

    I would hope ...

    ... that a nuclear reactor wouldn't have any connection to the internet and any required data link to a separate control/monitoring facility was made using a truly physically private network. I've spent my entire life living in hope and have often been disappointed.

    1. Stuart 22

      Re: I would hope ...

      This may be true - but possession of the appropriate manuals informs an unfriendly party of shutdown procedures and other sorts of sensitive information which if exploited could be mischievous or worse.

      1. Chris G

        Re: I would hope ...

        In view of the item earlier in El Reg regarding the Blast furnace in Germany, one would hope that airwalling would be obvious and De Rigeur for anything as sensitive as a Nuclear power station.

        Well, one would hope!

      2. DropBear

        Re: I would hope ...

        possession of the appropriate manuals informs an unfriendly party of shutdown procedures and other sorts of sensitive information which if exploited could be mischievous or worse.

        Only if they intend to attempt any of it directly on-site, by which time leaked manuals are the least of the worries of the plant personnel...

    2. Anonymous Coward
      Anonymous Coward

      Re: I would hope ...

      Stuxnet didn't need the automation equipment to be Internet-facing, and it readily got past airgaps, by relying on the presence of commonly used Windows-based programming tools used with the automation equipment, tools which sometimes connect to the corporate network (where they get infected) and sometimes connect to the (uselessly airgapped) automation network (where the payloads do their clever stuff with the automation kit).

      A variant on Sneakernet.

    3. h4rm0ny
      Boffin

      Re: I would hope ...

      If the North Koreans have obtained a complete technical reading of this power station it is possible however unlikely they might find a weakness and exploit it

      1. Swarthy
        Alien

        Re: I would hope ...

        Say, a small exhaust port about the size of a wamprat.....

        1. Anonymous Coward
          Anonymous Coward

          Re: I would hope ...

          LIES!

          Nerf-Herders defy the laws of physics? How could any pilot shoot a missile into a 2 meter-wide exhaust port, let alone a pilot with no formal training, whose only claim to fame was his ability to “bullseye womprats” on Tatooine? This shot, according to one pilot, would be “impossible, even for a computer.” Yet, according to additional evidence, the pilot who allegedly fired the missile turned off his targeting computer when he was supposedly firing the shot that destroyed the Death Star. How did the missile make a right angle turn after entering the exhaust port? How could a missile shot in the vacuum of space–that would tend to keep going in the same direction as it was released, according to the laws of physics–be *sucked* into an *exhaust* pipe? "Exhaust" means to exhale or blow out... Wouldn’t the missiles have been blown awry of their target rather than sucked in? If it had been an intake pipe, then the “bending” path of the missiles could be plausible. Why have these discrepancies never been investigated, let alone explained? How could a single missile destroy a battle station the size of a moon? No records, anywhere, show that any battle station or capital ship has ever been destroyed by a single missile. Furthermore, analysis of the tape of the last moments of the Death Star show numerous small explosions along its surface, prior to it exploding completely! Why does all evidence indicate that strategically placed explosives, not a single missile, is what destroyed the Death Star?

          1. JCitizen
            Coffee/keyboard

            Re: I would hope ...

            U.S. Star Wars program tests with actual existing "smart" interceptors have proven that they can change direction instantly and at high speed. We don't even have to speculate into the future, it is already here. The thrust of some of those things equals the weight of a battleship, so yes they could do that maneuver quite easily, but the movie was silly to suggest no computer control - as if alien worlds would have such clumsy computers matching our old Earth technology in a far flung galactic history.

            1. Pascal Monett Silver badge

              Re: "change direction instantly and at high speed"

              For certain values of "instant", obviously.

              With current technology, even if a missile reacts in milliseconds, when it is going at Mach 4 (1 361.16 m / s) it still covers 1.36m (0.1475 double-decker bus) every millisecond.

              A missile will certainly turn faster than a human pilot can due to its far greater resistance to G-force, but current tech does not allow it to u-turn on a dime.

  2. This post has been deleted by its author

  3. Terry 6 Silver badge

    Another......

    Whether it was spear phishing or something else in these examples the same question arises; how the hell they manage to leave an access route that wasn't locked down. It's not an IT thing really. That's just the vector. It's a matter of risk assessment and security.

  4. Anonymous Coward
    Anonymous Coward

    Re. blueprints

    Don't know what the fuss is about, I have the full plans for La Hague here and these PWRs are really overengineered considering they were built in the 1970s.

    1. Anonymous Coward
      Anonymous Coward

      Re: Re. blueprints

      That had me scratching my head too. The blueprints aren't any help at all without access to the reactor control systems. If you do have that level of access then you already have a real problem. Reactor design for pressurized water reactors (PWR's) are pretty generic and digital controls not often seen. You really don't want a glitch resulting from a fast neutron that makes it through all that shielding screwing things up. Put another way, analog is king.

      As to who might make use of the blueprints? North Korea almost certainly has them already as a successful conquest of the south would leave them having to run them and I absolutely doubt they'd melt one down. They want an intact South Korea, not a radioactive wasteland. NK is crazy just not that insane.

  5. wolfetone Silver badge

    Just a small request to North & South Korea

    If you two do start arguing can you keep the nukes to a minimum and keep it in your own back garden? I'd like to go and see Queen with Adam Lambert in January and I don't want to go out with a lead lined suit on me. It'd get very hot doing air guitar to Fat Bottomed Girls don't you know.

  6. Anonymous Coward
    Anonymous Coward

    Sony haters looking pretty silly now.

    Being used as pawns in the terrorists game..

    "But what about the rootkits and PS3 Linux...."

    1. PNGuinn
      Joke

      Re: Sony haters looking pretty silly now.

      So what if all the guff about silly movies about the Boy Wonder and releasing lots of personal info was just covering noise ... and what they REALLY wanted was Sony's world leading ROOTKIT TECHOILOGY????

  7. xperroni
    Paris Hilton

    "Fox News reports"

    Now that's an oxymoron if I have ever read one.

    1. Mark 85

      Re: "Fox News reports"

      It was mis-spelled. In many parts of the States they're know as "Faux News".

  8. Anonymous Coward
    Anonymous Coward

    I can't help feeling that something like a nuclear reactor should be designed such that the blueprints could be made public at any time and it wouldn't in anyway affect the security of the station. I'm not saying they should be open to the world but that it should be designed in such a way as they are expected to be open at some point. To be fair though anyone who designs any critical part of a nuclear reactor that can be accessed remotely deserves everything they get. An air gap isn't completely fool proof but it's certainly a big step in the right direction.

    1. Destroy All Monsters Silver badge

      People have been watching "CSI - FACEPALM" so long that they think blueprints are useful for something other than engineering. And that you can get magical results from computers.

  9. MartinBZM
    Mushroom

    Testing in 3... 2... 1...

    They should review their testing procedures before actually testing them like they did in Tsjernobyl...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like