Report Details Cyber Insecurity Incidents at Nuclear Facilities

Accepted submission by gewg_ at 2015-10-18 23:14:22
Security

from the mission-critical-systems-pwned dept.

El Reg reports [theregister.co.uk]

The nuclear industry is ignorant of its cybersecurity shortcomings, claimed a report released [October 5] and, despite understanding the consequences of an interruption to power generation and the related issues, cyber efforts to prevent such incidents are lacking.

The report adds that search engines can "readily identify critical infrastructure components with" VPNs, some of which are power plants. It also adds that facility operators are "sometimes unaware of" them.

Nuclear plants don't understand their cyber vulnerability, stated the Chatham House report [chathamhouse.org], which found industrial, cultural, and technical challenges affecting facilities worldwide. It specifically pointed to a "lack of executive-level awareness".

[...]Among [the 18-month study's] more frightening discoveries is that the notion "nuclear facilities are 'air gapped'" is a "myth", as "the commercial benefits of internet connectivity mean[s] that nuclear facilities" are increasingly networked.

[...]The report [chathamhouse.org] (PDF) details seven "known cyber security incidents at nuclear facilities" between 1992 and 2014:

  • At Ignalina nuclear power plant (1992) in Lithuania, a technician intentionally introduced a virus into the industrial control system, which he claimed was "to highlight cyber security vulnerabilities".
  • The Davis-Besse nuclear power plant (2003) in Ohio was infected by the Slammer worm [theregister.co.uk] which disabled a safety monitoring system for almost five hours.
  • The Browns Ferry nuclear power plant (2006) in Alabama experienced a malfunction [theregister.co.uk] of both the reactor recirculation pumps and the condensate demineraliser controller (a type of [Programmable Logic Controller]).
  • The Hatch nuclear power plant (2008) was shut down as an unintended consequence of a contractor's software update.
  • An unnamed Russian nuclear power plant (circa 2010) was revealed by Eugene Kaspersky [theregister.co.uk] to have been "badly infected by Stuxnet".
  • South Korea's Korea Hydro and Nuclear Power Co. commercial network (2014) was breached [theregister.co.uk], and information was stolen. The attack was subsequently attributed to North Korea.

The most well-known incident dated back to 2010, when a worm [theregister.co.uk] was found to be burrowing into industrial Supervisory Control And Data Acquisition (SCADA) systems on a global level.

Dubbed Stuxnet, the worm was programmed to remain dormant unless it detected the particular hardware fingerprint of an industrial software system manufactured by Siemens.

