Recently, the Korea Hydro & Nuclear Power Company came under fire after a security sweep detected a rogue USB dongle attached to the air-gapped nuclear reactor’s computer system. The South Korean nuclear reactor does not use the open internet for communication, so the possibility of an attack occurring is very slim; however, the physical security of the reactor has raised serious concerns with the South Korean parliament.
A statement released by the South Korean Ministry of Energy reported that the USB device was most likely introduced by the factory workers. For critical infrastructure such as energy and power grids, security policies dictate what, if any, personal electronics or USB devices are allowed and to what extent. Anyone remember Stuxnet – the bug that attacked an Iranian nuclear power facility and brought it to its knees?
From the preliminary reports, there is no suggestion that North Korea has any involvement. As of the posting of this feature, there is no evidence that the malware made it onto the nuclear system. If there is anything to learn from this event, it is that the security sweep did what it was supposed to: if not deter security threats, at least detect and reduce or eliminate the threat.