HomeIndiaPower Plant Data Leak Spotlights Cyber Risks In India’s Nuclear Expansion

Power Plant Data Leak Spotlights Cyber Risks In India’s Nuclear Expansion

Power Plant Data Leak Spotlights Cyber Risks In India's Nuclear Expansion

Power Plant Data Leak Spotlights Cyber Risks In India’s Nuclear Expansion

India-West News Desk

WASHINGTON, DC – A cyber breach involving contractor documents related to India’s Kudankulam Nuclear Power Plant has raised fresh concerns about cybersecurity safeguards surrounding the country’s expanding nuclear infrastructure, according to an opinion article published by Eurasia Review.

The article argues that the incident comes as the Narendra Modi government pursues an ambitious expansion of India’s nuclear power program, including greater private sector participation and stronger international partnerships with countries such as Russia, France and the United States.

According to the report, Reliance Infrastructure, which has been involved in the construction of Units 3 and 4 at the Kudankulam Nuclear Power Plant since 2018, suffered a cyberattack in which the World Leaks ransomware group claimed to have accessed approximately 858,000 internal files. Nearly 19,000 files were later posted on the dark web.

The report says Reliance Infrastructure confirmed a partial breach involving a server hosted by third-party provider Yotta Data Services. Yotta reportedly detected suspicious activity on May 29.

The leaked documents reportedly included ventilation and cooling system blueprints for Kudankulam Units 3 and 4, common control room layouts, supplier information and 2024 inspection records. Although the files did not include core reactor systems supplied by Russia’s Rosatom, the article says they provide insights into supporting infrastructure and access pathways that could help adversaries identify vulnerabilities.

Nuclear facilities rely on multiple layers of protection and revealing how those systems are interconnected can undermine security, trigger extensive reviews and require operators to strengthen safeguards.

The article also notes that Kudankulam experienced a malware infection in 2019 that Indian authorities linked to a North Korean hacking group, although officials said operational systems were unaffected. It further points out that the World Leaks ransomware group has previously targeted major corporations, including Tata, in extortion campaigns.

The opinion piece argues that India’s growing reliance on private contractors and third-party service providers for critical infrastructure has increased cybersecurity challenges as the country expands its nuclear energy program. While the Modi government is seeking faster project execution and greater private investment to meet energy goals, the report contends that cybersecurity oversight of contractors has not kept pace.

According to author Nimra Khalil, stronger audits, uniform cybersecurity standards, tighter oversight of contractors and third-party vendors, and greater investment in domestic cybersecurity capabilities are needed to better protect critical infrastructure.

The writer concludes that India’s long-standing vision of nuclear self-reliance now depends as much on protecting digital networks, contractors and supporting systems as it does on safeguarding nuclear reactors, arguing that the Kudankulam breach offers an opportunity to strengthen cybersecurity before further expanding the country’s nuclear ambitions.

Share With:
No Comments

Leave A Comment