Nuclear Power Plants Unprepared for Cyber Attack, Report Says

Nuclear Power Plants Unprepared for Cyber Attack, Report Says

Many nuclear power plants around the world are not well prepared to defend against cyber attacks, according to a report from international think tank Chatham House.
Researchers in the report studied cyber defenses in nuclear plants worldwide for 18 months. They concluded that plant infrastructure was “insecure by design” because of their age. Digital systems have been adopted later in the nuclear industry than in other sectors.

The industry’s focus has also been on physical security and safety, which means less focus has been on cybersecurity, the report said. One such incident was the Stuxnet worm, which was a computer virus that had infiltrated computers at the Bushehr nuclear power plant in Iran in 2010.
Some industry-wide challenges the report spells out include the infrequency of cyber security incident disclosure at nuclear plants, which makes it difficult to assess the true extent of the problem and lead personnel to believe there are fewer incidents; limited cybersecurity standards and communication between cybersecurity companies and vendors; potential insufficient spending on cybersecurity; and fewer resources in developing countries to invest in cybersecurity.
There are also cultural and technical challenges, such as a lack of integrated cybersecurity drills between nuclear plant personnel and cybersecurity personnel, reactive instead of proactive approaches and supply chain vulnerabilities.
Some recommendations the report makes are to assess the risk and attract more investment in cyber defenses, engage in robust dialogue between engineers and contractors to raise awareness of the risks, develop guidelines to measure risks in the nuclear industry, and implement rules not already in place to promote good IT “hygiene” in nuclear facilities.
Subscribe to Nuclear Power International magazine

Did You Like this Article? Get All the Energy Industry News Delivered to Your Inbox

Subscribe to an email newsletter today at no cost and receive the latest news and information.

 Subscribe Now


Making DDoS Mitigation Part of Your Incident Response Plan: Critical Steps and Best Practices

Like a new virulent strain of flu, the impact of a distributed denial of service (DDoS) attack is...

The Multi-Tax Challenge of Managing Excise Tax and Sales Tax

To be able to accurately calculate multiple tax types, companies must be prepared to continually ...

Operational Analytics in the Power Industry

Cloud computing, smart grids, and other technologies are changing transmission and distribution. ...

Maximizing Operational Excellence

In a recent survey conducted by PennEnergy Research, 70% of surveyed energy industry professional...