The government agency responsible for cleaning Sellafield nuclear waste in Cambria was put under “special measures” due to not meeting cyber-security standards.
The Office for Nuclear Regulation is investigating Sellafield Ltd’s computer security.
The regulator denied that the site was hacked by individuals connected to Russia and China.
Criminals supported by the government infiltrated the top levels of Sellafield’s IT systems. They planted a type of harmful software called sleeper malware, which was hidden and later used for spying or causing severe harm.
The Guardian reported that senior staff members failed to inform the ONR of the hack for several years, and also “covered up” the state of cyber-security.
The incident raised fears that sensitive documents could have been accessed, and that equipment at the facility – which is the largest nuclear site of western Europe, where 140 tonnes of plutonium were stored – might be damaged or disrupted.
Sellafield Ltd. and the ONR insisted that there have been no successful cyberattacks by any hackers, whether state or non-state, or any sleeper malware.
The regulator stated that it “had not seen any evidence” that Sellafield’s systems had been hacked as described. It added: “We are clear that improvements are needed to achieve the high levels of safety and security that we expect to see. But there is no suggestion this compromises public safety.
“We will continue holding Sellafield Ltd accountable to ensure that these improvements are made by a variety of regulatory actions and enforcement, which includes matters which are under an ongoing investigation process.”
Sellafield Ltd said: “We do not have any records or evidence that Sellafield Ltd’s networks have been successfully hacked.
“Our monitoring system is robust, and we are confident that such malware does not exist on our system.
We have asked The Guardian for evidence relating to this alleged assault so that we can investigate. They have not provided this.”
The Guardian reported that the ONR was preparing to bring charges against Sellafield Ltd for its numerous cyber security failings.
Post Disclaimer
The following content has been published by Stockmark.IT. All information utilised in the creation of this communication has been gathered from publicly available sources that we consider reliable. Nevertheless, we cannot guarantee the accuracy or completeness of this communication.
This communication is intended solely for informational purposes and should not be construed as an offer, recommendation, solicitation, inducement, or invitation by or on behalf of the Company or any affiliates to engage in any investment activities. The opinions and views expressed by the authors are their own and do not necessarily reflect those of the Company, its affiliates, or any other third party.
The services and products mentioned in this communication may not be suitable for all recipients, by continuing to read this website and its content you agree to the terms of this disclaimer.