Lax Cybersecurity at Nuclear Facilities is a Recipe For Widespread Disaster

Pierluigi Paganini December 10, 2016

Experts at the Nuclear Industry Summit (NIT) explained how to reduce the risk of damaging cyberattacks at nuclear facilities.

The threat of cyber attacks on nuclear power plants and other nuclear facilities is substantial and on the increase, according to experts at the Nuclear Industry Summit, held earlier in the year. Hackers are becoming more skillful and dangerous in a way that could have a devastating impact on nuclear facilities and grids.

It is imperative that businesses, governments, and regulators make cybersecurity an industry-wide priority. Experts at the Nuclear Industry Summit (NIT) emphasized that hackers have turned their focus on these systems because therein lies the key to causing massive chaos and damage.

The most successful publicly known cyberattack on a nuclear facility utilized malware which caused serious damage to production equipment at an Iranian plant that was enriching nuclear materials. That virus was the infamous Stuxnet, which was able to induce the facility’s centrifuges to spin out of control and break down.

Potential attacks on non-nuclear, major industrial sites is also gravely concerning. For instance, an attack on Ukraine’s electrical grid left thousands of people without power. The attackers used a program called BlackEnergy which targets industrial control systems. According to RegBlog, “cybersecurity threats are an all-too-real risk for many buildings and electric grids connected to the Internet. According to a U.S. Department of Homeland Security report, although ‘the energy sector only represents 5-6 percent of U.S. GDP, the energy industry is subject to roughly 32 percent of all cyberattacks.”

In October, Yukiya Amano, Director-General of the International Atomic Energy Agency (IAEA), United Nations (UN) nuclear watchdog, a nuclear power plant in Germany was hit by a “disruptive” cyber attack two to three years ago.

At that time, Security Affairs noted that it was not the first time that news of a cyber attack on a nuclear plant had been announced. There had already been three publicly known attacks against nuclear plants:

Nuclear Facilities

To make matters worse, it is also believed that ISIS hackers could target European nuclear power stations. This warning was issued by the UN in October. The organization’s nuclear watchdog group indicated that cyber cyberjihadis will attempt to hack into any vulnerable installations in their quest to commit large-scale acts of terrorism.

According to The Sun, the Brussels bombers had previously researched attacking a Belgian power plant prior to their deadly suicide attack on the capital’s airport and metro.

“International security experts have warned that as their territorial dominance abates, they will focus more of their attention on cyber terror.

Though blowing up a nuclear power station is still thought to be beyond the capabilities of most militant groups at present some vulnerabilities could still be exploited, boffins warned.

Belgium’s nuclear plants are a potential target, according to European Union officials. But, countries are not prepared to handle nuclear facility attacks and the nuclear industry continues to underestimates cyber security risk–the components of a recipe for a nuclear disaster.

A report published this week, by the Nuclear Threat Initiative (NTI), outlines a set of recommendations for improving cyber security at nuclear facilities. The recommendations are based on 12-months of analysis by an international group of technical and operational experts.

One of the most crucial recommendations involves efforts to essentially institutionalize cybersecurity. Nuclear facilities would need to learn from their safety and physical security programs, as well as integrate these methods into their cybersecurity programs.

In addition to institutionalizing cybersecurity, the following was also recommended:

  • Governments and regulators are encouraged to assist by prioritizing the development and implementation of regulatory frameworks, in addition to attracting skilled people into this field.
  • Employ active defenses. Experts caution that a determined adversary will likely be capable of breaching the systems of a nuclear facility, so organizations must be prepared and capable of responding to such incidents.
  • Threat information should be shared, incidence response exercises conducted, more resources obtained from governments and active defense capabilities developed.
  • Digital systems should be designed with less complexity.
  • Engage in research which will lead to the development of difficult to hack systems. Ideally, this would include governments “investing in transformative research, the nuclear industry supporting the cybersecurity efforts of relevant organizations, and international organizations encouraging creativity for mitigating cyber threats.”

While these recommendations are being carried out, emphasis should be placed on the human element. The Stuxnet incident demonstrates how a tenacious hacker can overcome cyber protection efforts simply by targeting vulnerable employees.

Ryan Kalember, of Proofpoint, a cybersecurity firm, has remarked that, “the lesson from that is that people are always the weak link in the [cybersecurity] chain.”

Written by: CandiceLanier

candicelanierAuthor Bio:

Candice Lanier is Chief of Security at BlackOps Cyber, an intelligence agency specializing in counterterrorism, cybercrime and Darknet operations. She is a former member of GhostSec, a group of ethical hackers focused on counterterrorism, which merged with BlackOps Cyber. Candice also writes for RedState, The Christian Post, The Blacksphere and Medium.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Nuclear Facilities, cyber security)



you might also like

leave a comment