Governments Don't Do Enough to Protect Nuclear Facilities From Cyberattacks

mdsolar writes: Twenty nations with significant atomic stockpiles or nuclear power plants have no government regulations requiring minimal protection of those facilities against cyberattacks, according to a study by the Nuclear Threat Initiative. The findings build on growing concerns that a cyberattack could be the easiest and most effective way to take over a nuclear power plant and sabotage it, or to disable defenses that are used to protect nuclear material from theft. The countries on the list include Argentina, China, Egypt, Israel, Mexico and North Korea.

Why does a nuclear facility need to be connected?

[Eloking]

Just a little thought, why does the network that control of a nuclear facility need to be connected to the internet? I'm not saying it should be unplugged, but why they couldn't simply make two separate network? One for computer, the other to control the facility.

Fear because of lack of government?

[thegarbz]

The entire summary and article says we should be quaking in our boots because the government didn't mandate something specific in some countries. Also why is North Korea on the list?

Normally mdsolar posts some clickbaity fear article about how renewable is the only way to go, but quite frankly this is a big yawn.

Re:Why does a nuclear facility need to be connecte

[Mr+D+from+63]

Just a little thought, why does the network that control of a nuclear facility need to be connected to the internet? I'm not saying it should be unplugged, but why they couldn't simply make two separate network? One for computer, the other to control the facility.

It isn't connected to the internet . These authors do a good job of confusing the reader. They do not distinguish between systems that control actual nuclear related equipment, communications and administrative networks, facility controls (hvac), etc. They also dont distingush between facilities that do nuclear research in a lab with little risk to start with vs those that process high grade materials vs those that just store materials. And they try to make some jump to conclusions that power plants are included, all of which works toward their agenda.

Re:WTF

[Mr+D+from+63]

My initial reaction would be that anyone who allows an internet connection anywhere inside a nuclear power plant, storage facility, or weapons system is in serious need of psychiatric help. Is that going to make office work, etc a bit harder? I should think it will. So what?

And, although nuclear power plants are not the facilities they are talking about, and although nuclear plants absolutely don't connect their controls to the internet, you have reacted exactly as the authors wanted you to.

Yea, mdsolar

[tomhath]

Everything he posts is either anti-nuke FUD or solar power fantasy.

Re:Why does a nuclear facility need to be connecte

[Boglin]

Many moons ago, I had a friend who was a nuclear engineer at a power plant. His plant didn't have a separate computer network for the reactor simply because computers weren't allow to connect to the reactor. Anything piece of hardware with enough complexity to achieve Turing completeness was forbidden. When he wanted to add a monitoring circuit somewhere that included more than some piddly number of transistors, he had to document ever possible state that the system could enter.

Re:Yeah, because the government needs to tell them

[Mr+D+from+63]

Lets summarize this article in one sentence from the article

Because of the secrecy surrounding military nuclear facilities, it was impossible to determine the levels of cyberprotection used to protect nuclear weapons in the nine countries known to possess them.

Re:Why does a nuclear facility need to be connecte

[GuB-42]

Stuxnet broke through airgaps via infected USB keys.
When you are against the NSA or similar entities, disconnecting from the internet is not enough to protect you from cyberattacks.