Nuclear power plants warned on cyber security

October 5, 2015
Technicians are pictured as they work on the simulator control panel during an exercise on nuclear security at the Civaux Nuclea
Technicians are pictured as they work on the simulator control panel during an exercise on nuclear security at the Civaux Nuclear Power plant, 34 kms southeast of Poitiers, western France, on September 22, 2015

Operators of nuclear power plants worldwide are "struggling" to adapt to the increasing and potentially dangerous threat of cyber attacks, a report warned Monday.

The "is beginning -– but struggling -– to come to grips with this new, insidious threat," the Chatham House think-tank in London said in a study based on 18 months of investigation.

Its findings suggest that "lack preparedness for a large-scale cyber security emergency, and there would be considerable problems in trying to coordinate an adequate response."

It highlighted insufficient funding and training, a "paucity" of regulatory standards, increasing use of digital systems and greater use of cheaper but riskier commercial "off-the-shelf" software.

In addition there is a "pervading myth" that are protected because they are "air gapped"—in other words not connected to the Internet.

In fact, many nuclear facilities have gradually developed some form of Internet connectivity, and computer systems can be infected with a USB drive or other removable media devices.

This was the case with Stuxnet, a virus reportedly developed by the United States and Israel—and implanted with a flash drive—which caused Iran's major problems in 2010.

Chatham House added that Stuxnet, which it said is also believed to have infected a Russian nuclear plant, has had the unintended effect of teaching cyber criminals how to improve their techniques.

"Once Stuxnet's existence became publicly known, hackers around the world took inspiration from the way it functioned and incorporated some of its features into malware to suit their own purposes," it said.

Explore further: Chevron says hit by Stuxnet virus in 2010

Related Stories

Chevron says hit by Stuxnet virus in 2010

November 9, 2012

Oil giant Chevron was struck by the Stuxnet virus, a sophisticated cyber attack that tore through Iran's nuclear facilities and is believed to have been launched by the United States and Israel.

Iran poses growing cyber threat to US

April 16, 2015

Iran poses a growing threat to America's computer networks and has launched increasingly sophisticated digital attacks and spying on US targets, according to a new report released Thursday.

Iran says Duqu malware under 'control'

November 13, 2011

Iran said on Sunday it had found a way to "control" the computer malware Duqu, which is similar to Stuxnet virus which in 2010 attacked its nuclear programme and infected more than 30,000 computers.

Second computer worm 'hits Iran'

April 25, 2011

Iran has been hit with new malicious software as part of cyber attacks against the country, a military officer told Mehr news agency on Monday without specifying the target.

Recommended for you

Samsung to disable Note 7 phones in recall effort

December 9, 2016

Samsung announced Friday it would disable its Galaxy Note 7 smartphones in the US market to force remaining owners to stop using the devices, which were recalled for safety reasons.

Swiss unveil stratospheric solar plane

December 7, 2016

Just months after two Swiss pilots completed a historic round-the-world trip in a Sun-powered plane, another Swiss adventurer on Wednesday unveiled a solar plane aimed at reaching the stratosphere.

Solar panels repay their energy 'debt': study

December 6, 2016

The climate-friendly electricity generated by solar panels in the past 40 years has all but cancelled out the polluting energy used to produce them, a study said Tuesday.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.