Nuclear facilities are weak and prone to hacks from terrorists, reveals new report

Civilian nuclear sites are more prone to hacks from terrorists as facilities become increasingly dependent on digital systems, and they are taking more risks by purchasing cheap software, according to a new Chatham House report. “Recent high-profile cyber attacks, including the deployment of the sophisticated 2010 Stuxnet worm, have raised new concerns about the cyber security vulnerabilities of nuclear facilities,” the report says. “As cyber criminals, states, and terrorist groups increase their online activities, the fear of a serious cyber attack is ever present.” [caption id=“attachment_2389716” align=“alignleft” width=“380”]  File photo of Iran’s heavy water nuclear facility near the central city of Arak. AP[/caption] But that’s not all. The most terrifying thing about this new report is that even a small-scale cyber security incident at a nuclear facility would be disastrous. The report also highlights the fact that most facilities are using off-the-shelf security software, instead of building their own due to costs. “Hacking is becoming ever easier to conduct, and more widespread: automatic cyber attack packages targeted at known and discovered vulnerabilities are widely available for purchase,” the Chatham House report states. Specific findings of the report revealed that even where facilities are air-gapped, ie not connected to the internet, this safeguard can be breached with nothing more than a flash drive. The report also highlighted a lack of training, combined with communication breakdowns between engineers and security personnel, which means that there is a possibility that a nuclear facility might not know of a cyber attack until it is already substantially under way. Read the full report here.