Union Minister of State (Independent Charge) Science & Technology; Minister of State (Independent Charge) Earth Sciences; MoS PMO, Personnel, Public Grievances, Pensions, Atomic Energy and Space, Dr Jitendra Singh said, security arrangements are in place to secure India’s nuclear power plant systems from cyber-attack.
In a written reply to a question in the Rajya Sabha, Dr Jitendra Singh said, these security measures include authorization, authentication & access control mechanisms, strict configuration control and surveillance. Additionally, the nuclear power plant systems are isolated from internet and are not accessible from administrative network. Several measures have been taken to strengthen Information Security in administrative networks in nuclear power plants like, hardening of internet and administrative intranet connectivity, restriction on removable media, blocking of websites & IPs.
On the issue of September 2019 cyber-attack on the Kudankulam Nuclear Power Plant, Dr Jitendra Singh informed that investigations have been carried out by the Computer & Information Security Advisory Group (CISAG) – DAE along with the national agency, Indian Computer Emergency Response Team (CERT-In). The measures implemented based on their recommendations include Physical separation of Intranet & Internet access, Secure virtual browsing terminal for dedicated internet use, secured data transfer provisions requiring authentication are in place, independent security review prior to posting of new web applications
and/or change in LAN / Infrastructural architecture, Constitution of a task force for oversight of information security posture, on IT systems in the organisation, etc. and Restricted usage of removable media.