South Korea’s government-run hydroelectric and nuclear power company was threatened by an enigmatic group of hackers last week, at the same time the North Korean government was threatening to attack the United States and its allies for daring to suggest that Kim Jong Un’s regime might be behind the attack on Sony Pictures. South Korea puts up with a steady stream of mischief from hackers who profess varying degrees of separation from the North Korean government, but this latest threat was taken very seriously.
The mysterious attackers stole and published blueprints of South Korean nuclear reactors and personal data on plant employees, along with some ominous technical data related to accidental radiation exposure, and suggested something bad would happen if at least three of the country’s 23 reactors were not shut down by Christmas Day. As the UK Independent reported, anti-nuke radicals in Hawaii claimed responsibility for the data leak, but their culpability was not firmly established. Students of the First Cyber War should by now be familiar with the shadow dances of deniability and separation conducted by hostile regimes, and the converse possibility that the work of independent digital vandals could be mistakenly attributed to foreign powers with aligned interests… especially if said foreign powers make a point of applauding when something goes kablooey. Nobody’s wearing a uniform or marching under a flag in this new brand of warfare.
The South Korean government took the threat seriously enough to conduct emergency drills and step up cybersecurity efforts. Emergency teams were put on standby alert through New Year’s Day.
Reuters reported last Monday that although South Korea’s KHNPC power company said the data stolen by the hackers was “non-critical,” and expressed confidence it could block more serious attacks designed to compromise plant operations, doubts were expressed by some security analysts. “This demonstrated that, if anyone is intent with malice to infiltrate the system, it would be impossible to say with confidence that such an effort would be blocked completely, and a compromise of nuclear reactors’ safety pretty clearly means there is a gaping hole in national security,” warned Suh Kune-yull of Seoul National University.
Today brings word that a fatal accident has occurred at the site of a nuclear plant under construction in the southeastern city of Ulsan. According to a report by International Business Times, KHNPC does not officially believe the incident is linked to the hacker attack from earlier this week, but the circumstances surrounding the death of three plant workers remain murky. Apparently some form of toxic gas was accidentally released and inhaled by the three workers, who passed out and were transported to a nearby hospital, where efforts to revive them proved unsuccessful. It’s not yet known if the gas system was connected to a computer that could have been hacked to trigger its release, or compromised with more mundane forms of sabotage; in fact, the South Korean energy ministry is still uncertain about what sort of gas was released, theorizing that it might have been nitrogen from the cooling system. According to reports at both IBT and the Associated Press, KHNPC won’t even confirm if the plant under construction had a nitrogen cooling system.
For the moment, all evidence is speculative and circumstantial. This could have just been a terrible accident, coincidentally occurring after threats leveled against the South Korean nuclear power industry by hackers who may have been freelance environmental extremists. Some will laugh at the notion that such a convenient disaster could have occurred coincidentally, while others – particularly those who remain skeptical that the North Korean government had a direct role in the Sony attack – will caution against drawing conclusions based solely on the denial that random misfortune is possible. It’s a safe guess that those South Korean standby security teams are going to have an even less relaxing holiday week than they thought.