Full Title: Cyber Security at Civil Nuclear Facilities: Understanding the Risks
Author(s): Caroline Baylon, Roger Brunt, and David Livingstone
Publisher(s): Chatham House
Publication Date: September 1, 2015
Full Text: Download Resource
Description (excerpt):
Recent high-profile cyber attacks, including the deployment of the sophisticated 2010 Stuxnet worm, have raised new concerns about the cyber security vulnerabilities of nuclear facilities. As cyber criminals, states and terrorist groups increase their online activities, the fear of a serious cyber attack is ever present. This is of particular concern because of the risk – even if remote – of a release of ionizing radiation as a result of such an attack. Moreover, even a small-scale cyber security incident at a nuclear facility would be likely to have a disproportionate effect on public opinion and the future of the civil nuclear industry.
Notwithstanding important recent steps taken by the International Atomic Energy Agency (IAEA) to improve cyber security across the sector, the nuclear energy industry currently has less experience in this field than other sectors. This is partly due to the nuclear industry’s regulatory requirements, which have meant that digital systems have been adopted later than in other types of critical infrastructure. In addition, the industry’s longstanding focus on physical protection and safety has meant that while these aspects of risk response are now relatively robust, less attention has been paid to developing cyber security readiness. As a result, exploiting weaknesses in digital technology could be the most attractive route for those seeking to attack nuclear facilities without fear of interdiction.