Nuclear Waste Dump Faces Prosecution For Cyber Security Offences

Uploaded on 2024-04-04 in BUSINESS-Production-Energy, BUSINESS-Services-Law, FREE TO VIEW

The United Kingdom’s independent nuclear safety regulator announced on 28th March that it will be prosecuting the managing company of the Sellafield nuclear site in Cumbria. The charges include “alleged information technology security offenses during a four year period between 2019 and early 2023.” the Office for Nuclear Regulation (ONR) has said.

Sellafield is Europe’s largest nuclear facility, serving as a testing ground and waste dump since 1947. It houses a massive range of highly radioactive wastes, including 140 tonnes of plutonium, which is a key ingredient for nuclear weapons.

The ONR said recently “The ONR has notified Sellafield Ltd that it will be prosecuted under the Nuclear Industries Security Regulations 2003.”

“These charges relate to alleged information technology security offences during a four year period between 2019 and early 2023... There is no suggestion that public safety has been compromised as a result of these issues,” the ONR said.

Sellafield, which has more than 11,000 staff, was placed into a form of “special measures” for consistent failings on cybersecurity in 2022, according to sources at the ONR and the security services.

This site has the largest global store of plutonium and is a massive nuclear waste dump from weapons and atomic power generation.

Sellafield’s computer servers were deemed so insecure that the problem was nicknamed Voldemort after the Harry Potter villain, according to a government official familiar with the ONR investigation and IT failings at the site, because it was so sensitive and dangerous.

At the time, Sellafield said that “all of our systems and servers have multiple layers of protection”. “Critical networks that enable us to operate safely are isolated from our general IT network, meaning an attack on our IT system would not penetrate these,” it said.

Offic for Nuclear Regulation     |     The Guardian     |     The Record     |     Bit Defender   | Telegraph     |     Mirror   |

BBC     |     No 2 Nuclear Power

Image: Ideogram

You Might Also Read: 

The UK Nuclear Industry Needs To Take Cybersecurity More Seriously:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Amazon Invests $2.75bn In AI Startup
Cambridge University Medical IT System Hacked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Telos

Telos

Telos offers cybersecurity solutions and services that empower and protect the world’s most security-conscious enterprises.

Performanta

Performanta

Performanta offer a consultative approach to people, process and technology, focusing on security projects in line with adversarial, accidental and environmental business risk.

Neoteric Networks

Neoteric Networks

We deliver a no nonsense procedure to implementing technology. The technology selection process ensures that all customers enjoy an engineered methodology implementing technology.

Corvus Insurance

Corvus Insurance

Corvus' mission is to create a safer, more productive world through technology-enabled commercial insurance.

Pentest People

Pentest People

Pentest People are a UK-based security consultancy focussing on bringing the benefits of Pentesting as a Service (PTaaS) to all its clients.

Capy

Capy

Capy's SaaS-based security solutions will protect your website from bots, spam, humans and more.

UKAS

UKAS

UKAS is the national accreditation body for the UK. The directory of members provides details of organisations offering certification services for ISO 27001.

Redstor

Redstor

Redstor's complete data management helps you discover, manage and control your data from a single control centre, unifying backup and recovery, disaster recovery, archiving and search and insight.

SurePassID

SurePassID

SurePassID is a provider of highly secure, highly extensible multi-factor authentication (MFA) solutions.

Hassans International Law Firm

Hassans International Law Firm

Hassans is the largest law firm in Gibraltar, providing a full range of legal services across corporate and commercial law including Data Protection and GDPR compliance.

Bytes Technology Group

Bytes Technology Group

Bytes is a leading provider of world-class IT solutions. Our growing portfolio of services includes cloud, security, licensing, SAM, storage, virtualisation and managed services.

Bugbank

Bugbank

Bugbank (aka Vulnerability Bank) is a leading SaaS platform for internet security services in China.

PeoplActive

PeoplActive

PeoplActive is an IT consulting and recruitment services organization with leading capabilities in digital, cloud and security.

CLEAR

CLEAR

With more than 17 million members and a growing network of partners across the world, CLEAR's identity platform is transforming the way people live, work, and travel.

Iron Mountain

Iron Mountain

Iron Mountain Incorporated is a global business dedicated to storing, protecting and managing, information and assets.

Sprocket Security

Sprocket Security

Sprocket Security protects your business by monitoring the cybersecurity landscape and performing continuous penetration testing services.