Global Nuclear Facilities 'at risk' of Cyber Attack

Uploaded on 2015-10-12 in INTELLIGENCE--International, FREE TO VIEW, BUSINESS-Production-Energy, NEWS-News Analysis, TECHNOLOGY--Hackers

The civil nuclear infrastructure in most nations was not well prepared to defend against such attacks

The risk of a "serious cyber attack" on nuclear power plants around the world is growing, warns a report. The civil nuclear infrastructure in most nations is not well prepared to defend against such attacks, it added. Many of the control systems for the infrastructure were "insecure by design" because of their age, it said.

Published by the influential Chatham House think tank, the report studied cyber defences in power plants around the world over an 18-month period.

Cyber criminals, state-sponsored hackers and terrorists were all increasing their online activity, it said, meaning that the risk of a significant net-based attack was "ever present". Such an attack on a nuclear plant, even if small-scale or unlikely, needed to be taken seriously because of the harm that would follow if radiation were released.

In addition, it said "even a small-scale cyber security incident at a nuclear facility would be likely to have a disproportionate effect on public opinion and the future of the civil nuclear industry".

Unfortunately, research carried out for the study showed that the UK's nuclear plants and associated infrastructure were not well protected or prepared because the industry had converted to digital systems relatively recently.

This increasing digitisation and growing reliance on commercial software is only increasing the risks the nuclear industry faces. There was a "pervading myth" that computer systems in power plants were isolated from the Internet at large and because of this were immune to the kind of cyber attacks that have dogged other industries.

However, it said, this so-called "air gap" between the public Internet and nuclear systems was easy to breach with "nothing more than a flash drive". It noted that the destructive Stuxnet computer virus infected Iran's nuclear facilities via this route.

The researchers for the report had also found evidence of virtual networks and other links to the public Internet on nuclear infrastructure networks. Some of these were forgotten or simply unknown to those in charge of these organisations.

Already search engines that sought out critical infrastructure had indexed these links making it easy for attackers to find ways in to networks and control systems.
BBC: http://bbc.in/1WHz3xp

« GCHQ Can Hack My Smartphone Using a Bunch of Smurfs
UK Police Ignore Most Cyber Crime »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Zayo

Zayo

Zayo is a leading global bandwidth infrastructure services provider for high-performance connectivity, secure colocation and flexible cloud services.

Konfidas

Konfidas

Konfidas provide high-level cybersecurity consulting and professional tailored solutions to meet specific cybersecurity operational needs.

Cyber Exchange

Cyber Exchange

Cyber Exchange provides a focal point for UK organisations connected with, or with an interest in, cyber security to connect, engage and collaborate.

NuData Security

NuData Security

NuData Security, A Mastercard Company, is an award winning behavioral biometrics company.

CyberStream

CyberStream

CyberStream, a division of the TechStream Group, is an information & cybersecurity talent acquisition solution provider.

Fraugster

Fraugster

Fraugster provides the most precise anti-fraud solution for e-commerce businesses.

OCM Business Systems

OCM Business Systems

OCM are experts in the safe, secure and responsible disposal of IT & EPoS assets.

Pinpoint Search Group

Pinpoint Search Group

Pinpoint Search Group's recruiters specialize in Information Management, Cyber Security, Cloud and Robotic Process Automation (RPA).

Gytpol

Gytpol

Gytpol is a leader in Endpoint Configuration Security (ECS) solutions, providing validation, remediation & securing of IT Policies and IT Infrastructure on-premise and in the cloud.

Iowa Cyber Hub

Iowa Cyber Hub

Iowa Cyber Hub is a cybersecurity education partnership between Iowa State University and Des Moines Area Community College.

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance (TCA)

Trusted Connectivity Alliance is a global, non-profit industry association which is working to enable a secure connected future.

EnigmaSoft

EnigmaSoft

EnigmaSoft is known for its PC anti-malware remediation utility and service under the tradename SpyHunter.

North East Business Resilience Centre (NEBRC)

North East Business Resilience Centre (NEBRC)

The North East Business Resilience Centre is a non-profit organisation here to support businesses in the North East of England in protecting themselves from cyber crimes and fraud.

CyberArmor

CyberArmor

Cyber Armor defend everyday IT and OT systems, from government agencies to critical infrastructure, from system integrators to small industries.

Harvey Nash

Harvey Nash

Harvey Nash is a leading global provider of talent and technology solutions.

Clearvision

Clearvision

As an Atlassian Platinum Solution Partner, Clearvision works with teams in the UK and US, providing solutions for the Atlassian stack, Git and open source tooling.