Cyber attacks and other security risks have quickly become a top concern of nuclear facility managers and personnel. The growing threat of cyber espionage and even sabotage is very real, and nuclear power plants are a natural target. In fact, it has become clear that nuclear plants are under even more cybersecurity risk than was expected, in part due to inadequate security measures.
Here’s what you need to know about cyberattacks on nuclear facilities in the modern age.
Nuclear Facilities Targeted
Recent years have seen a dramatic rise in advanced cyber attacks. The Stuxnet worm of 2010 resulted in a highly dramatic infiltration of Iran’s nuclear program. 2003 saw the infection of the Ohio-based Davis-Besse nuclear power plant by the Slammer worm, resulting in reactor core safety data becoming unavailable for a number of hours. In 2014, cyber criminals hacked into and stole blueprints of at least two nuclear reactors amongst other sensitive data from the Korea Hydro and Nuclear Power Co. The information was in turn held for ransom.
Industry Vulnerabilities
In a series of interviews of 30 nuclear industry experts, researchers from the Royal Institute of International Affairs’ Chatham House found that the nuclear industry is not prepared to deal with the threat of a wide-spread cyber attack. In the U.S., an attack that takes out two to three power plants would result in major blackouts. In countries like France, where larger portions of the population depend on nuclear-generated electricity, the issue is even more pressing.
Typical power plant personnel do not understand cybersecurity procedures, in part because of a lack of training and clearly written protocols. Regular participation in cybersecurity drills is also quite rare. Across the board, it has become clear that digital security systems have been adopted late, in part due to regulatory restrictions and the high cost of equipment and upgrades. The shift in focus from physical safety and security to digital protection is one that has proven to take more time than was initially projected.
Looking Forward
It has become increasingly clear that in order to prepare for the worst-case scenario of the release of radioactive material, sweeping industry changes must be implemented. Though such a cyberattack may not be an immediate threat, with the growing capabilities of well-financed terrorist groups such as ISIS and various hacker-for-hire companies found across the globe, these threats need to be taken seriously. Cyber vulnerabilities need to be identified and responded to within the nuclear sector on a prioritized basis. If they are not, then it really is only a matter of time before the worst takes place. Without swift and widespread action, the nuclear industry may not only remain exposed, it will also fall behind the times as digital security becomes more prevalent and necessary.
At ESGI, we believe in open, honest, and timely communication with our candidates and employees. We keep your needs and preferences first and foremost. Contact our great team of recruiters today to learn more about energy careers and how we can help you take the next step.
