Up & Atom

Nuclear Power Corporation of India Limited (NPCIL) announced on October 30 that the malware “Dtrack” had been found on the administrative network of the Kudankulam Nuclear Power Plant (KKNPP) in early September 2019. KKNPP is the largest nuclear power plant in India, equipped with two Russian-designed VVER pressurized water reactors, each with a capacity of 1,000 megawatts. Both reactor units feed southern India’s power grid.

Join Morgan Lewis lawyers for upcoming programs.

The Nuclear Regulatory Commission’s (NRC’s) Assistant Inspector General for Audits issued a memorandum on August 20 on the status of recommendations based on the Office of Inspector General’s (OIG’s) Audit of NRC’s Cyber Security Inspections at Nuclear Power Plants (OIG-19-A-13). As previously reported on Up & Atom, OIG recommended that the NRC work to close the critical skill gap for future cybersecurity inspection staffing, and develop and implement cybersecurity performance measures for licensees to use to demonstrate sustained program effectiveness. Based on the NRC’s July 3, 2019, response, OIG has issued this status of recommendations.

Following the July 12, 2019, release of “Power Reactor Cyber Security Program Assessment,” the Nuclear Regulatory Commission’s (NRC’s) Director of Physical and Cyber Security Policy in the Office of Nuclear Security and Incident Response issued a memorandum to NRC Staff on August 6, 2019.

On July 25, 2019, the United States Government Accountability Office (GAO) released GAO-19-384, a report to congressional requesters analyzing the cybersecurity risk management of 23 civilian agencies—including the Nuclear Regulatory Commission (NRC).

Staff members from the US Nuclear Regulatory Commission’s (NRC’s) Office of Nuclear Security and Incident Response and Office of Nuclear Reactor Regulation held a public meeting on June 17 to discuss a summary of the Assessment of the NRC’s Power Reactor Cyber Security Program.