View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
October 5, 2015

Nuclear cyber-terror risk on the rise

News: Report warns that a 'proactive' approach to cyber-security is needed.

By Alexander Sword

Nuclear power plants could become targets of cyber-attacks due to their increasing digitisation and exposure to public internet.

The report by think tank Chatham House, which studied cyber defences in power plants, warned that personnel in the industry might not realise the extent of vulnerability and urged a "proactive" rather than "reactive" approach.

While nuclear facilities are widely believed to be "air gapped", or separated from public internet, a number of nuclear facilities have VPN connections installed, the report says.

In addition, where there is air gapping, a flash drive can easily be used to breach this protection.

The report also noted that even where the facilities themselves were secure, equipment used could be compromised elsewhere in the supply chain.

Among other recommendations, the report suggested that guidelines be developed to measure cyber risk in the industry, as well as universal adoption of regulatory standards.

In addition, Chatham House suggested ‘robust dialogue’ was needed to raise awareness of risk, and disclosure should be improved by encouraging anonymous information-sharing. Industrial Computer Emergency Response Team should be established, it said.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

It was also suggested that personal devices be given a firm ban as part of rules to promote "good IT hygiene".

Bob Tarzey, Analyst and Director, said that malware would be a significant danger.

"One of the most concerning observations is that sophisticated malware, such as Stuxnet, which most believe was developed by the US and Israeli governments, may now be used against them by these actors."

However, he argued that infrastructure "should be relatively easy to secure compared to say a retail web site.

"Physical and network isolation is easier to achieve and access can be strictly limited. The reason such sites remain vulnerable is that the infrastructure was put in place a long time ago before cyber-attacks were being taken seriously and the sector has been tardy in addressing this."

The report interviewed 30 industry practitioners, policy-makers and academics and convened three expert roundtables over an 18-month period.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU