New Delhi: Security arrangements are in place to secure India’s nuclear power plant systems from cyber attack, Minister of State for Science and Technology and Earth Sciences Jitendra Singh told Parliament on Thursday. His remark came in response to a question in the Rajya Sabha. In a written reply, Dr Jitendra Singh said that security arrangements are in place to secure India’s nuclear power plant systems from cyber attacks.
"These security measures include authorisation, authentication and access control mechanisms, strict configuration control and surveillance. Additionally, the nuclear power plant systems are isolated from the internet and are not accessible from administrative networks. Several measures have been taken to strengthen information security in administrative networks in nuclear power plants like hardening of internet and administrative intranet connectivity, restriction on removable media, blocking of websites and IPs", he said in Parliament.
On the issue of the September 2019 cyber attack on the Kudankulam Nuclear Power Plant, Singh informed that investigations have been carried out by the Computer & Information Security Advisory Group (CISAG)–DAE, along with the national agency, Indian Computer Emergency Response Team (CERT-In).
The measures implemented based on their recommendations include physical separation of Intranet and Internet access, secure virtual browsing terminal for dedicated internet use, secured data transfer provisions requiring authentication are in place, independent security review before posting of new web applications and/or change in LAN / Infrastructural architecture, the constitution of a Task Force for oversight of information security posture, on IT systems in the organisation and restricted usage of removable media.