The nuclear power industry has always been nervous about people’s fear of some form of nuclear meltdown. Whether it was Three Mile Island or Chernobyl, the spectre of something bad happening at a nuclear plant has been the story of made for TV movies.
The UK Telegraph newspaper has obtained information, using a freedom of information request, that indicates that the UK National Cyber Security Center, part of the GCHQ (sort of equivalent to the US NSA), has been helping a British nuclear plant recover from a cyber attack.
This news comes after reports last year from the FBI and DHS that the Russians (and not the Chinese) have been have been attacking our critical infrastructure, at least since 2016.
Because they are worried that people will freak out, they are keeping the details of who was hacked and what was hacked secret. I am sure that will make people feel better. Unless the attack was really bad. In which case not knowing and speculating might be better than knowing.
The document, from a Nuclear Decommissioning Agency Board Meeting was dated March 13, 2019. The Telegraph says that it is likely the first KNOWN successful cyber attack on a British nuclear plant. I am not sure how comforting that is. They are not suggesting that it is the first successful attack but rather the first successful attack that we have heard about.
Since no one is providing details, we don’t know whether this is a Chernobyl-style issue or a random computer virus on an office computer. On the other hand, if they had to ask GCHQ for help, I am guessing that it is not an office virus.
One security expert pointed out that if you assume whichever nuke plant or plants were hacked are no less secure than the ones that haven’t been hacked YET, it isn’t smart to tell other hackers how this or these plants were hacked.
This follows on to the revelation in October that an Indian nuclear plant was hacked – after they first said that reports of a hack was a lie. I guess the lie was by the Indian government.
This also follows the WSJ article that said that more than a dozen US utilities were targeted (I assume successfully) by hackers recently
In fairness we should not forget that the US hacked Iran’s nuclear program years ago. We would say that we are the good guys, so that is okay. Not everyone might agree with that interpretation, including Russia, so they might say that the US legitimized hacking the nuclear industry. Source: The Telegraph .