Slashdot Mirror


Cyber Attackers Have Successfully Hit A Nuclear Power Plant And A Lab (reuters.com)

Slashdot reader zootsewt1 quotes a rundown by Security Taco of two unrelated breaches at nuclear-related facilities that were recently disclosed -- one "disruptive" and the other involving the remote theft of documents: Director Yukiya Amano from the IAEA disclosed that a nuclear power generation facility came under cyber attack within the last few years. He declined to state which specific nuclear facility was involved. Mr. Amano advised that "This issue of cyber attacks on nuclear-related facilities or activities should be taken very seriously. We never know if we know everything or if it's the tip of the iceberg."

In a separate incident, a nuclear lab in the University of Toyama in Japan conducting research on tritium (used in nuclear power plants), also came under cyber attack earlier this year. The attacker appears to have been able to exfiltrate large amounts of data, some of which was related to the Fukushima clean-up.

The Reuters article lists other data breaches and malware infections at nuclear sites over the years, and notes that the IAEA director "also cited a case in which an individual tried to smuggle a small amount of highly enriched uranium about four years ago that could have been used to build a so-called 'dirty bomb'." At the isotope research center at the University of Toyama, the attacker reportedly compressed more than 1,000 files to make them easier to transmit.

55 comments

  1. But what part of the plant. by Mr+D+from+63 · · Score: 1

    Of course, if we are just talking about an administrative network breach, and not the isolated control network, it sounds a lot worse than the risk it presents. There have been some cases of malware migrating to corporate network connected devices, but they've been isolated from anything that could affect operation of the facility.

    1. Re:But what part of the plant. by Mr+D+from+63 · · Score: 1

      BTW, "disruptive" means once it was discovered they went through some level of effort to analyze the extent of condition. They disrupted the normal work of the day, but not the operation of any safety controls of the plant.

    2. Re:But what part of the plant. by Joe_Dragon · · Score: 2

      The t-437 safety command console.

    3. Re:But what part of the plant. by Lumpy · · Score: 1, Informative

      Here is the scary part. MOST places don't have the control network isolated from the internet. Typically because of the drooling moron managers that want to log in and spy on the workers from home.

      I know of at LEAST 4 water filtration plants that have the C&C network directly connected to the internet.

      Honestly the managers that deem that security breach necessary need to be waterboarded while someone takes a cattle prod to their testicles.

      --
      Do not look at laser with remaining good eye.
    4. Re:But what part of the plant. by Waffle+Iron · · Score: 4, Funny

      It was the reactor core.

      Some salesmen convinced management to install the new "AtomikRodz" smart controllers into the reactors. They monitor power demand levels, and over time they learn to automatically adjust power output in advance, cutting down on personnel costs. Even better, the associated app allows operators to manually adjust the control rods with their phones from anywhere in the world. No need to run down to the station just to fiddle with power output.

      Unfortunately, as with most IoT gear, this product was riddled with security holes.

    5. Re:But what part of the plant. by Mr+D+from+63 · · Score: 1

      What's really funny is that some folks here will take you seriously.

    6. Re:But what part of the plant. by Anonymous Coward · · Score: 0

      No, you need to have some balls.

      Here, let me lay this out for you.

      1: Implement new SECOPS policies and audits. You don't even have to have a staff, just the authority.

      2: Inform management these are being implemented along with a new INFOSEC security initiative. If you can get management to sign on the dotted line for something along the lines of ISO27001/27002, all the better.

      3: You now put in the security infrastructure which includes people, processes, and equipment. This doesn't have to be a high level budget item but you're setting the path the organization needs to go in.

      4: When managers come up to you asking you to do new insecure things, point to company policy, and point to the engineering process you have to go through to put a dollar amount to their request. Look at how they are doing things now that are insecure, and work with management to make several small changes that put staff in the right direction. These do not have to be high dollar amount things they are doing. Also, large dollar amount security items tend to get shot down, what doesn't get shot down is project spend increases to make sure it's secure.

      5: Finally, and most importantly, if some manager thinks they're going to show you a thing or two, and makes a big stink about going against company policy. Be reasonable upfront, and if management pushes, make sure you are walking into the meeting with a signed letter of resignation. Make sure the CEO and executive staff get copies via certified letters.

      Nothing but nothing pisses off an executive more when they are committing a crime to throw a few more shekels into the ol' back pocket, and someone makes sure they are informed of it.

    7. Re:But what part of the plant. by flyingfsck · · Score: 1

      They exfiltrated radio active data from the AC plant. The data will make Wiki Leaks glow in the dark and halve Julian Assange's heating bill.

      --
      Excuse me, but please get off my Pennisetum Clandestinum, eh!
    8. Re: But what part of the plant. by Anonymous Coward · · Score: 0

      Yes but bugs in USB drives from admin side have a way of walking their way to ICNs.

    9. Re:But what part of the plant. by AchilleTalon · · Score: 1

      So, someone cracked the security gate guard's iPhone. Why such an uninformative article makes its way to /.?

      --
      Achille Talon
      Hop!
    10. Re:But what part of the plant. by Anonymous Coward · · Score: 0

      Just further proof that we must push the IoT beyond all limitations! .... waitaminute...

    11. Re:But what part of the plant. by Anonymous Coward · · Score: 0

      What's really funny is that some folks here will take you seriously.

      The funny thing is *you* take yourself seriously.

    12. Re:But what part of the plant. by Big+Hairy+Ian · · Score: 1

      I did some work for the IAEA three or four years ago; they were still using a 30 year old Mainframe that still hadn't been Y2K certified to do most of their work. Welcome to the UN

      --

      Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

  2. Stuxnet by Anonymous Coward · · Score: 0

    NT

  3. A tritium lab? by Mr+D+from+63 · · Score: 1

    Why would we worry about a tritium lab?

    1. Re:A tritium lab? by mbkennel · · Score: 4, Informative


      Because substantial amounts of tritium are essential for "boosted" fission nuclear weapons. Tritium (and deuterium, which is cheap and easy to procure) adds fusion to the core of a fission warhead. It's not significant in energy production directly (unlike a true H-bomb) but it substantially increases the efficiency and potency of the fission reaction by adding a boost of neutrons at the moment of maximum compression.

      It is considered essential to producing warheads which are small enough for militarily capable missiles.

      Hackers were hence probably DPRK.

    2. Re:A tritium lab? by rholtzjr · · Score: 1

      Because tritium in particular is an integral part of certain thermonuclear devices (though in quantities several thousand times larger than that in a keychain), consumer and safety devices containing tritium for use in the United States are subject to certain possession, resale, disposal, and use restrictions.

      Hmm, I wonder?

    3. Re:A tritium lab? by AHuxley · · Score: 1

      It's the gateway to better nuclear weapons. The easy guide to that is to study the UK's production sites like Chapelcross.

      --
      Domestic spying is now "Benign Information Gathering"
    4. Re:A tritium lab? by Mr+D+from+63 · · Score: 2

      Nice cut and paste from wiki. But a cyber attack on a tritium lab doesn't get materials into the hands of anyone.

  4. Confused report by Mr+D+from+63 · · Score: 2

    The Reuters article lists other data breaches and malware infections at nuclear sites over the years, and notes that the IAEA director "also cited a case in which an individual tried to smuggle a small amount of highly enriched uranium about four years ago that could have been used to build a so-called 'dirty bomb'." At the isotope research center at the University of Toyama, the attacker reportedly compressed more than 1,000 files to make them easier to transmit.

    This paragraph conflates separate, unrelated incidences, one of which has nothing at all to do with cyber attack. Why?

    1. Re:Confused report by Anonymous Coward · · Score: 0

      Why?

      Who cares? Grab 'em by the cyber! Cyber!

    2. Re: Confused report by Nidi62 · · Score: 1

      Because nuclear and dirty bombs and terrorism.

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
    3. Re:Confused report by Princeofcups · · Score: 1

      The Reuters article lists other data breaches and malware infections at nuclear sites over the years, and notes that the IAEA director "also cited a case in which an individual tried to smuggle a small amount of highly enriched uranium about four years ago that could have been used to build a so-called 'dirty bomb'." At the isotope research center at the University of Toyama, the attacker reportedly compressed more than 1,000 files to make them easier to transmit.

      This paragraph conflates separate, unrelated incidences, one of which has nothing at all to do with cyber attack. Why?

      Viewer clicks.

      --
      The only thing worse than a Democrat is a Republican.
    4. Re:Confused report by AHuxley · · Score: 1

      Most nations who joined the nuclear club late kind of have to sign up to all kinds of international standards and protections to keep their university, power, medical and research tracked and watched.
      Stuff missing is tracked as nations like to build projects on the side. To prevent that everything is registered.

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:Confused report by queazocotal · · Score: 2

      Also, enriched uranium is a _TERRIBLE_ isotope for a dirty bomb.
      Enriched uranium is more radioactive than natural uranium - but only in a ridiculously small amount, because instead of half decaying in 4 billion years, half decays in 700 million years.

      Alexander_Litvinenko was poisoned by around 10 micrograms of Polonium-210.
      In rough numbers, polonium-210 is two billion times more active than uranium-235.
      To have the same dose equivalent of uranium, you'd need a 20 kilogram lump of uranium-235.
      There is no real way to get any radioactive danger from uranium-235 unless you make it into a bomb, at any dose the chemical effects (broadly similar to lead) would vastly overwhelm the radioactive.

    6. Re:Confused report by doom · · Score: 1

      And the word "successfully" in this context suggests that a cracker has hijacked the control system of a nuclear power plant. Actually the news appears to be that someone got some data from a lab that works with tritium. So: EditorDavid is either a fear-mongering anti-nuclear fanatic, or a fear-mongering yellow journalist hustling for clicks-- why exactly am I reading this site?

    7. Re:Confused report by Mr+D+from+63 · · Score: 1

      It's hard sometimes to tell the fear mongers from those that are just ignorant. Mostly I just hear parrots repeating whatever fits their ill-informed vision of all things nuclear.

      I try to do my part to educate and point out the utter stupidity which is common to almost every anti-nuke submission, but sometimes I agree, why bother.

  5. Cyber Attack by Anonymous Coward · · Score: 0

    Does that mean an internet intrusion or some kind of state sponsored STUXNET like the Israelis make? You can stop the first kind by unplugging your nukeular plant from the fucking internet.

  6. Compression by Anonymous Coward · · Score: 1

    "the attacker reportedly compressed more than 1,000 files to make them easier to transmit."
    As long as the attacker didn't try the same trick with the uranium - that tends to not end so well...

  7. Umm, never connect them to the internet? by Anonymous Coward · · Score: 0

    Don't allow anything but known hardware addresses locked to ports, booby trap every unused switch port so if it goes lit it generates an alert and puts the port into a honeypot.

    1. Re:Umm, never connect them to the internet? by m.alessandrini · · Score: 1

      But then, how can you make Homer Simpson work from home?

  8. Give the attacker a metal.. by BlueCoder · · Score: 1

    And whomever put the plant online and or designed the computer system needs to be shot for treason.

    1. Re:Give the attacker a metal.. by Anonymous Coward · · Score: 1

      What kind of metal? Polonium?

  9. Great... by Anonymous Coward · · Score: 0

    This just makes me wonder if when they're talking about that "cyber strike" on Russia, they mean causing another Chernobyl.

    Sure, that shouldn't be possible with modern reactor designs, but I wonder just how modern some of them are with all the NIMBY crap that created so much red tape in order to kill off nuclear power....

  10. Clean up business by Anonymous Coward · · Score: 0

    The attacker appears to have been able to
    exfiltrate large amounts of data, some of which was related to the
    Fukushima clean-up.

    Soon, your friendly neighborhood Yakuza's companies come offering affordable cleaning services for the Fukushima prefecture.

  11. Reduced physical security by mdsolar · · Score: 1

    US nuclear plants are bucking for reduced physical security, disarming guards, leaving waste with little supervision. Cyber attacks may end up being more effective as the human security component is curtailed.

    1. Re:Reduced physical security by Anonymous Coward · · Score: 0

      Cyber attacks may end up being more effective as the human security component is curtailed.

      That might be the stupidest thing I've read on /. today.

  12. Security Taco by Anonymous Coward · · Score: 0

    It's obviously a link promotion for securitytaco.com, that one paragraph piece looks like a quick knockoff paragraph from a Google search.

  13. You have missed the critical point here by thesupraman · · Score: 1, Funny

    A clickbait headline!

    I mean, after all a NUCEAR REACTOR has been HIT!!! by ATTACKERS!!!

    Carefully ignore the fact that it probably means some script kiddie accidentally ran a scan against
    a poorly configured break room web terminal used to access ebay during lunchtimes..

    a REACTION was HIT!

    FLEE for your LIVES! and it's CYBER, that's even worse! next YOUR reactor will be hit! there is no ESCAPE!

    Sigh. Welcome to the death of actual journalism (or at least the rape of its long dead corpse)

  14. Split the internet by Anonymous Coward · · Score: 0

    Since businesses and government can't seem to grasp the concept of airgaps, I think it's time to split the civilian internet off from the business and government internet. We can't touch their stuff, and they can't touch ours. This also limits the IOT botnet vector. If that means I can't go to sears.com for Christmas shopping then so be it. captcha: divert

    1. Re:Split the internet by Anonymous Coward · · Score: 0

      Nuclear plants airgap their control systems. This article is not about a breach of a plant control system, but of an administrative network not related to plant control at all.

  15. The Fukushima clean-up? by drinkypoo · · Score: 2

    Let's hope they release that stuff publicly ASAP. I want to know what Tepco has been lying about lately.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    1. Re:The Fukushima clean-up? by MrKaos · · Score: 2

      Let's hope they release that stuff publicly ASAP. I want to know what Tepco has been lying about lately.

      That the ground around unit four spent fuel pool has subsided 30 inches since the accident with 400 or so spent fuel rods still in there.

      Allegations are that unit 4 was being upgraded when the quake struck and that fuel was being stored illegally in the spent fuel pool at the time of the quake. Money that should have been spent on seawall and generator upgrades.

      Japanese civil engineers have said they're at a loss to explain the damage to the concrete supports for the spent fuel pool in unit four as the quake did not have enough ground acceleration to damage them.

      Accounts are emerging that when part of the crane fell in the pool, some of the illegal fuel rods struck one another causing a neutron pulse and it is that which damaged the concrete supports.

      Meanwhile The fall guy president admits there is a cover up of a meltdown to cover-up the illegal activity that was happening in unit four in the first place. Look at that silly monkey!

      We have this brain dead blanket on all news and information about Fukushima there is little chance we are going to get much real information while they continue to let that pig of a plant belch radioisotopes into the Pacific Ocean. I wish they would at least close in the sea walls around the plant to at least *try* to stop or filter the ground water that reaches the ocean. Plutonium Chloride is very soluble.

      Here is my ---> theory about what is going on in Japan: The shutdown of their reactor fleet has nothing to do with protestors or anything other than what is happening in Unit 4 spent fuel pool. I suspect that the government now knows just how badly Tepco fucked up, but they're in a bind. If they let Tepco hang, everyone will know why and they won't be able to control the situation.

      The situation at Unit 4 is so dire they have been toiling day and night since the accident to remove all the fuel rods from the damaged pool. It has stopped because they need to do maintenance on the crane. The count is down from 1100 spent rods, to 400 rods so far, which is awesome work, but remains a threat. I reason it is because of the following potential scenarios:

      Best Case: All the fuel rods are removed and Fukushima is no worse than it already is, an INES level 7 accident whose radioactive steam effluents will continue to blow via the jet stream over the US.

      Worse Case: There is some failure which initiates a plutonium fire in the remaining rods with hundreds of millions of curies blowing over the continental US mainland and into the Pacific Ocean.

      Worst Case: *IF* the Japanese continued to operate their reactors, the worse case above initiates a much larger neutron pulse that initiates meltdowns in all of the nuclear plants on the Japanese eastern seaboard, leaving most of the Japanese population unable to respond to the multiple meltdowns. I know, it seems far fetched, but it seems more reasonable that the Japanese government would respond to pressure from that scenario to shut down the economic benefit they get from nuclear power, as opposed to pressure from any hippy hick NIMBY anty-nukker protestor.

      Excuse me dp, I have to address the fanboi reading, yes you fanboi, re-read the worst case scenario again, notice the big *IF*, no read it again. Now before you respond, you don't know enough fact to make up a fictional scenario that elaborate, so it's either possible or you don't know what you are talking about enough to respond with anything other than an emotive diatribe. *IF*.

      Apologies dp, it's just a theory though. We will know if the Japanese reactors are started up again *after* the last of the fuel rods are removed from unit 4.

      --
      My ism, it's full of beliefs.
  16. Hey mom, look what I can do... by MTEK · · Score: 1

    This whole internet thing has been fun and all, but can we please go back to pen and paper? Thx.

  17. Airgaps? by Anonymous Coward · · Score: 0

    My car is airgapped (only wireless connection is the door-remote).
    My washing machine is airgapped.
    Even my TV is airgapped (only wireless connection is the remote).

    If your nuke plant is less secure than my washing machine, you are doing it wrong.

    1. Re:Airgaps? by Anonymous Coward · · Score: 0

      "My car is airgapped"

      Depends on the car and how it is equipped. I believe there have been multiple cases where attackers remotely hacked a car and were able to play all sorts of havoc with its systems (disabling the brakes, cutting the transmission, running windshield wipers, etc). Mostly it sounds like they attacked some minor attached device (Radio, infotainment system, etc) and then used it to gain access to the car's internal command network (CAN). Those systems should be isolated from each other (air-gapped) but in a disturbing number of modern vehicles aren't. I would generally hope that automakers wouldn't be so stupid, but the facts seem to say otherwise. The same could be said for the nuclear industry, though this article is extremely vague as to what was attacked so nothing can really be stated either way at the moment. If it was a control system for the plant then there's a definite problem. If it was the billing/budget information for the plant's lawnmowers then not so much.

  18. Nuclear plants should not be connected by Anonymous Coward · · Score: 0

    Dumb Dumb Dumb

    Nuclear Power plants should be air gapped.. along with the power grid.

  19. Tritium is used in nuclear reactors? ? ? by Anonymous Coward · · Score: 0

    I've never heard of tritium used in nuclear power reactors. This sounds like nonsense: its use would add complexity and a whole new safety hazard (if used as a gas). It probably is manufactured in (ie a side-product of) a nuclear reactor, but that's a whole different thing.

  20. It is obvious we need to derez nuclear fission by WillAffleckUW · · Score: 1

    Besides, we already have military fusion reactors, so it's not like we need risky nasty fission any more.

    Thanks to the UW and other teams that developed them!

    --
    -- Tigger warning: This post may contain tiggers! --
  21. Stop using Windows, you morons!!! by Anonymous Coward · · Score: 0

    Stop using M$ Windows shit in these facilities, and you will have a lot less problems... gosh... !!!

  22. it cant be slashdot told me it was safer by Anonymous Coward · · Score: 0

    right goys, i mean guys?

  23. And we ask you again by Anonymous Coward · · Score: 0

    Why is critical ICS stuff reachable from the internetz?

  24. Stuxnet by Anonymous Coward · · Score: 0

    Yeah, I believe it was called Stuxnet.