Indian Nuclear Power Plant, Kudankulam Nuclear Power Plant (KKNPP), Hit by Malware

I wanted to have a funny headline or intro for this post, but I honestly can't find anything to joke about.  In all the madness of US Politics, this story somehow didn't show up on my news feed until I looked for my week computer security topic:

- Click for link to original article -

If there was any "humor" to be found in this story, it's that on October 29th the Nuclear Power Corporation of India Limited (NPCIL) issued a statement that a malware attack would have no impact on their plant control systems.

The malware appears to be connected to North Korea, and according to the NPCIL, was isolated to a single user's PC.  NPCIL claimed that the network the user PC was not connected to the power plant's critical internal network.

There's no information available at this time regarding if any data was stolen, but hopefully more details are revealed over the next several days.

The Latest Data Breach Everyone Is Talking About: NordVPN

Well, another week brings another data breach (it feels that way at least).  This week news broke that NordVPN was the latest victim of a data breach.

NordVPN released an official response

Thankfully, it does not appear that any NordVPN customer data was compromised.  Here's a quick break-down of the issue:

• A data center in Finland, where NordVPN had a contract for server hosting, experienced a breach.  The breach involved a single server.
• The data center allowed remote management to remain enabled on the server long enough for an intruder to access the server.
• The intruder did not obtain customer information, but did steal a TLS key.
• NordVPN claims that the stolen key was already expired.
• After learning about the breach, NordVPN terminated their contract with the Finland data center.

Cancer Treatment Centres of America Suffers A Data Breach. Again.

The Atlanta location for one of Cancer Treatment Centers of America hospitals fell victim to a phishing attack last month, resulting in nearly 4,600 patient’s data being copied.

Howard Solomon breaks down the recent breach, as well as noting that this is the FIFTH data breach for Cancer Treatment Centers of America since November 2018.

Phishing attacks may very well be the most frustrating aspect of computer security for anyone in IT.  Firewalls, VPNs, 10+ digit password, etc. all mean nothing if employees fall for phishing attempts and provide access to information willingly.

The attacks are so effective, Solomon noted in his article that the Atlanta location has now victim to three attacks since November 2018.  A representative from Cancer Treatment Centers of America stated that employees will be going through more extensive security training, so hopefully it makes a difference going forward.