Go to Contents Go to Navigation

(LEAD) Suspect in nuclear reactors hacking used Chinese IP addresses

All Headlines 17:13 December 24, 2014

(ATTN: RECASTS 2nd para to identify Chinese city; UPDATES with more information, remarks from energy vice minister from 8th para; EXPANDS dateline)

SEOUL/SEJONG, Dec. 24 (Yonhap) -- A suspect in the hacking attacks on South Korean nuclear reactors used multiple IP addresses based in China, according to investigators here Wednesday.

The suspected hacker worked from the Chinese city of Shenyang, a joint investigation team of government and prosecution officials said.

The suspect, the self-proclaimed president of an anti-nuclear power activist group, has published a wide range of information related to South Korean nuclear reactors since last week, including personal information of some 10,000 employees of the state-run Korea Hydro & Nuclear Power Co. (KHNP).

On Tuesday, the suspect posted more information on Twitter, including four files of reactor-related information and what appeared to be blueprints of facilities, safety analysis reports of the reactors and links to news on reactor technology.

The KHNP said the information, as in previous postings, only included general, unclassified material.

It was the fifth leak of information on the Gori and Wolsong nuclear power plants, located 400 kilometers south of Seoul, in just over a week.

The team said it has also officially requested assistance from the FBI to look into the servers of Twitter, which is based in the United States.

The suspect has warned of a "second round of destruction" unless the government shuts down three nuclear reactors at Gori and Wolsong nuclear power plants by Christmas.

The Ministry of Trade, Industry and Energy said its officials will be put on 24-hour alert, and its minister, Yoon Sang-jick, was due to travel to the facilities.

Seeking to allay public fears, ministry officials reaffirmed Wednesday the hacker would not be able to cause any physical damage to the reactors. They said that the information made public so far appears to be from the power plants' operating system, which up until April 2013 had been connected to the Internet.

The nuclear power plants' innermost networks that are used to control and operate nuclear reactors are completely cut off and isolated from any outside access, making them virtually impenetrable, according to Vice Minister Moon Jae-do.

"Because the control network is operated in a completely closed environment, we believe there is no possibility of a person gaining control over nuclear reactors through hacking," he told reporters in Sejong.

Even if the hacker did get control of the reactors, all reactors in the country are designed to shut down automatically in case of any problems or emergency, he said. They can also be shut down manually in a matter of seconds by the country's 520 trained operators, Moon said.

A special drill on Monday and Tuesday confirmed the operators' ability to do so, the vice minister said.

The country's power reserves would also be intact even if the reactors pinpointed by the suspect were shut down, staying well over 8 million kilowatts, he said. The three nuclear reactors have a combined generation capacity of about 2.7 million kilowatts.

"Regardless of how sensitive the leaked information is, we are taking this matter very seriously as such information should not have been leaked in the first place, no matter how general or insignificant it is," Moon said.


Send Feedback
How can we improve?
Thanks for your feedback!