Use your computer fearlessly.

[ Security | Consulting | Research ]

Hacked Nuclear Reactors

by Brent Kirkpatrick

(Date Published: .)

Nuclear reactors are hacked by sophisticated exploits.

Nuclear reactors in Ukraine and Iran have been hacked over the last ten years by sophisticated exploits. In 2017, the Petya cyberattack, attributed Russia, took the Chernobyl's reactor monitoring systems off-line. In 2010, the Stuxnet attack, attributed to the U.S. and Israel, is believed to have been aimed at damaging centrifuges used for uranium enrichment at Natanz in Iran.

Both these attacks were very sophisticated. In the case of Chernobyl, the exploit was a variant of the WannaCry ransomware. Stuxnet was a very sophisticated worm which was designed to automatically spread over computer networks, infecting computer after computer, until it reached its target. On its target computers, Stuxnet accelerated the spinning centrifuges until they mechanically failed.

Prevention is key in all cases. The image shows the five steps of the cybersecurity framework employed by the National Institute of Standards and Technology. The main risk is the possibility of a nuclear reactor going critical due to a cyberattack. The protection for this is to keep vital safety systems on computers that are not connected to the Internet. In addition, detection of new threats on Internet connected computers is necessary, as well as rapid response and recovery.

The risk of reactor melt-down is so grave that think tanks are pushing for special regulation and oversight for nuclear facilities. The most straight forward option is to take the safety systems off-line and disconnect vital systems from the Internet.

defendIT. AI-driven security measures derived from security incident data.

Nicole Perlroth, Mark Scott and Sheera Frenkel. "Cyberattack hits Ukraine then spreads internationally." The New York Times. June 27, 2017.

Staff. "Ukraine power cut 'was cyber-attack'." BBC. Jan. 11, 2017.

"Iran pauses uranium enrichment at Natanz nuclear plant". 24 November 2010. Retrieved 24 November 2010.

Ellen Nakashima. "Stuxnet was work of U.S. and Israeli experts, officials say". The Washington Post. 2 June 2012.

© 2015, 2016, 2017, 2018 Intrepid Net Computing. All rights reserved.