The risk of a “serious cyber attack” on nuclear power plants around the world is growing, warns a report.
[…]
Unfortunately, research carried out for the study showed that the UK’s nuclear plants and associated infrastructure were not well protected or prepared because the industry had converted to digital systems relatively recently.
This increasing digitisation and growing reliance on commercial software is only increasing the risks the nuclear industry faces.
There was a “pervading myth” that computer systems in power plants were isolated from the internet at large and because of this were immune to the kind of cyber attacks that have dogged other industries.
However, it said, this so-called “air gap” between the public internet and nuclear systems was easy to breach with “nothing more than a flash drive”. It noted that the destructive Stuxnet computer virus infected Iran’s nuclear facilities via this route.
The researchers for the report had also found evidence of virtual networks and other links to the public internet on nuclear infrastructure networks. Some of these were forgotten or simply unknown to those in charge of these organisations.
Read more at Global nuclear facilities ‘at risk’ of cyber attack