Nuclear power plants warned on cyber security

October 5, 2015
Technicians are pictured as they work on the simulator control panel during an exercise on nuclear security at the Civaux Nuclea
Technicians are pictured as they work on the simulator control panel during an exercise on nuclear security at the Civaux Nuclear Power plant, 34 kms southeast of Poitiers, western France, on September 22, 2015

Operators of nuclear power plants worldwide are "struggling" to adapt to the increasing and potentially dangerous threat of cyber attacks, a report warned Monday.

The "is beginning -– but struggling -– to come to grips with this new, insidious threat," the Chatham House think-tank in London said in a study based on 18 months of investigation.

Its findings suggest that "lack preparedness for a large-scale cyber security emergency, and there would be considerable problems in trying to coordinate an adequate response."

It highlighted insufficient funding and training, a "paucity" of regulatory standards, increasing use of digital systems and greater use of cheaper but riskier commercial "off-the-shelf" software.

In addition there is a "pervading myth" that are protected because they are "air gapped"—in other words not connected to the Internet.

In fact, many nuclear facilities have gradually developed some form of Internet connectivity, and computer systems can be infected with a USB drive or other removable media devices.

This was the case with Stuxnet, a virus reportedly developed by the United States and Israel—and implanted with a flash drive—which caused Iran's major problems in 2010.

Chatham House added that Stuxnet, which it said is also believed to have infected a Russian nuclear plant, has had the unintended effect of teaching cyber criminals how to improve their techniques.

"Once Stuxnet's existence became publicly known, hackers around the world took inspiration from the way it functioned and incorporated some of its features into malware to suit their own purposes," it said.

Explore further: Chevron says hit by Stuxnet virus in 2010

Related Stories

Chevron says hit by Stuxnet virus in 2010

November 9, 2012

Oil giant Chevron was struck by the Stuxnet virus, a sophisticated cyber attack that tore through Iran's nuclear facilities and is believed to have been launched by the United States and Israel.

Iran poses growing cyber threat to US

April 16, 2015

Iran poses a growing threat to America's computer networks and has launched increasingly sophisticated digital attacks and spying on US targets, according to a new report released Thursday.

Iran says Duqu malware under 'control'

November 13, 2011

Iran said on Sunday it had found a way to "control" the computer malware Duqu, which is similar to Stuxnet virus which in 2010 attacked its nuclear programme and infected more than 30,000 computers.

Second computer worm 'hits Iran'

April 25, 2011

Iran has been hit with new malicious software as part of cyber attacks against the country, a military officer told Mehr news agency on Monday without specifying the target.

Recommended for you

New method analyzes corn kernel characteristics

November 17, 2017

An ear of corn averages about 800 kernels. A traditional field method to estimate the number of kernels on the ear is to manually count the number of rows and multiply by the number of kernels in one length of the ear. With ...

Optically tunable microwave antennas for 5G applications

November 16, 2017

Multiband tunable antennas are a critical part of many communication and radar systems. New research by engineers at the University of Bristol has shown significant advances in antennas by using optically induced plasmas ...


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.