Number: IRCNE2015102652
Date: 2015/10/08
According to “itpro”, a report has revealed that nuclear power stations around the world are at risk from cyberattacks because their senior management are not aware of the issues and equipment and systems are antiquated.
The research, by Chatham House, involved talking to 30 experts based in the US, UK, Canada, France, Germany, Japan, Ukraine and Russia about the security measures in place to protect against cyberattacks over an 18-month period.
It revealed that many of the issues stem from the power plants being connected to the public internet via virtual networks, leaving them open to attack by criminals.
These problems haven't been recognized and acted upon because either it had either been forgotten they were in operation or executives weren't aware of the possible holes.
The reason such establishments don't have stringent security measures in place is because they often use old systems that haven't been updated to deal with new threats.
"One example of the 'insecure by design' nature of industrial control systems is the lack of authentication and verification," the report said. "This obedience leaves nuclear facilities' control systems "particularly vulnerable to man-in-the-middle attacks that alter the communication between two devices".
"Power station operators work closely with national agencies such as the Centre for the Protection of National Infrastructure and other intelligence agencies to always be aware of emerging threats."
- 7