Aditya_V wrote:Incident could have been an attempt yes, but without managing to shut down KNPP-2?
The way things seem to have played out, there was no intention to cripple or even shut down the reactor. That would have been the easiest and also the fastest and most foolish way to get caught.It appears that a lot of operational data may have been accessed and that may have been the intent all along.
The rest of the histrionics playing out is just the scene 2 act 2 of the great Indian baboo(n)dom's usual spectacular theatrical production and embellished dramatization of the magnum opus called "CYA or cover your arse", first copyrighted by the britshits in 1857, thereafter reverentially passed on to the ICS and thence onwards to the spider webbed successor organisation of the "Indian baboo(n)s"
just saying onlee.
1) Microsoft AD was compromised
2) So all usernames/passwords for all computers/Laptops joining there would be compromised as well.
3) Since AD can push certain security policies to all clients (all computers/Laptops joining the domain), these policies would be compromised as well
4) Now if Gods forbid if network switches/firewalls etc are integrated with AD for authentication/authorization, this would be compromised as well
5) Users PCs/laptops generally are configured to save their work files on shares on the AD, assume a compromise of this as well
6) Generally AD would be integrated with other servers as well, so............
7) Now as to what the work files contain, could be details about tenders, attendance data, financial data etc, hopefully no moronic admin created a file called "All devices username/passwords".txt file!!!!
Above would be typical scenario in any "administrative section".
Now coming to the "industrial/plant/reactor network":-
1) They have their own controllers that can be integrated with TCP/IP
2) This network needs to be totally separate from the above mentioned "administrative section".
3) This network also can have its own set of servers (Microsoft/Unix/etc) with even another AD
Hopefully nothing got into the "industrial/plant/reactor network".