

How 2020 Presidential Candidates Can Guard Against Cyberattacks

The 2016 presidential election witnessed unprecedented Russian cyberattacks and disinformation campaigns designed to disrupt the U.S. electoral system by influencing public opinion. The Russian goal was to destabilize the U.S. through ideological activism, advancing Russian interests and furthering their political agenda. Their methods compromised the computer systems of candidates and political parties, and the exfiltrated data was used to spread disinformation and influence presidential elections.

On January 6, 2017, the U.S. Director of National Intelligence released a declassified report “Assessing Russian Activities and Intentions in Recent U.S. Elections.” According to the report, Vladimir Putin ordered a massive campaign orchestrating attacks from multiple fronts that involved spreading pro-Trump propaganda on social media to hacking the Democratic National Committee (DNC). Their methods resulted in massive data breaches within the DNC that included access to John Podesta's email f…

Nuclear Power Plant Cybersecurity

On May 17, 2007, Homeland Security Committee Chairman Bennie Thompson, together with James Langevin, Chairman of the Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology, sent a letter to Dale E. Klein, Chairman of the U.S. Nuclear Regulatory Commission (NRC), regarding cybersecurity at the nation’s nuclear power plants. The first paragraph of that letter reads:

We write to you with great concern about the cybersecurity posture of our nation’s nuclear power plants, and ask that you move with all deliberate speed in ensuring that nuclear plant licensees institute comprehensive cybersecurity policies and procedures on safety and non-safety systems alike. 

Indeed, the first paragraph of that letter conveys clearly the need to protect our nuclear power infrastructure from cyber attack. Currently, in the United States, there are 100 nuclear power reactors that the NRC has granted a license to operate.

In this article I will briefly discuss the following:

  1. Cybersecurity Threats
  2. Nuclear Reactor Security
  3. Cybersecurity Considerations
  4. Key Cybersecurity Steps

1. Cybersecurity Threats

Nuclear power plants may be vulnerable to cyber attacks, which might, in extreme cases, lead to substantial releases of radioactive material with consequent loss of lives, radiation sickness, and psycho-trauma, extensive property destruction and economic upheaval.

Cyber attacks are made on computer systems operated for a broad spectrum of purposes. Until now, no cyber attacks on nuclear power plants have resulted in releases of radioactive material, but the trends are profound. The primary objective of a cyber attack may not be to cause death and destruction. For example, the motivation may be to disrupt the operation of a nuclear facility, inflict economic damage, embarrass government or utility officials, blackmail companies, get even, or just to test one’s skills or to see what happens. There is also a risk of cyber attacks aimed at other targets migrating into nuclear facilities and causing unpredictable damage.

The very wide distribution of Stuxnet and its variants has demonstrated this possibility. Given the potential for great harm, any successful cyber attack on a nuclear facility would undermine confidence in the ability of any nation to be a responsible host and of the licensee-owner to run the facility safely and securely. Cyber attacks may be intended to have local and limited effects, but radioactive material ejected from a failed reactor pays no heed to national boundaries, as we witnessed in the Chernobyl and Fukushima disasters.

Foreign governments, groups hostile to the government of a given State, or individuals motivated by greed, hatred or curiosity may carry out cyber attacks. The systems intended to deter and defeat such threats must address all potential perpetrators, taking into consideration the range of motivations noted above:
  • Acts of Domestic Terrorism - Cyberattacks carried out by the citizens of a State against targets within that State may violate the laws of the State intended to protect the public health and welfare.
  • Acts of International Terrorism - Cyberattacks created by activities outside the targeted State or affecting other States in addition to the targeted State.
  • Acts of War - Cyberattacks carried out by or under the aegis of foreign governments.
  • Crimes Against Humanity - Cyberattacks that in certain circumstances are indiscriminate and are particularly odious offenses, in that they constitute a severe attack on human dignity, grave humiliation or gross defamation of human beings.
All nuclear power plants rely extensively on a broad and diverse array of computers for a host of tasks. Some machines may play a role in monitoring or controlling the operation of the reactor itself or ancillary systems. The nuclear power plant operating and technical support staff all use computer networks, and connections may exist between these systems and plant control systems. If the hardware or software used is modified or replaced, the reactor might be forced into an accident, and the emergency response systems may fail to prevent calamity.

A plant employee acting alone might accomplish such an attack, either of his/her own volition or under duress. Fabricated hardware or software introduced into the plant might contain surreptitious instructions that are activated according to preset conditions once in use. Attempts may be made to hack into the protective systems, making it possible to take over the plant controls externally, from within the plant, or from virtually anywhere in the world.
Some such scenarios are known and have even been tested:

  • In one case, a group of hackers successfully manipulated the displays in the operating center, forcing the employees into false and potentially catastrophic reactions.
  • In another case, hackers were able to gain control of the cooling system of a nuclear power plant.
Senator Tom Coburn (R., Okla.) stated in his report:
"In the past few years, we have seen significant breaches in cybersecurity which could affect critical U.S. infrastructure. Data on the nation’s weakest dams, including those which could kill Americans if they failed, were stolen by a malicious intruder. Nuclear plants’ confidential cybersecurity plans have been left unprotected. Blueprints for the technology undergirding the New York Stock Exchange were exposed to hackers."

Fukushima Daiichi Nuclear Power Plant Radioactive Plume

 Image Credit - The New York Times

Radioactive Plume's Path Animated Representation

Three Mile Island

In March 1979, an accident that profoundly affected the utility industry, caused in part by a complicated combination of stuck valves, misread gauges, and poor decisions, led to a partial meltdown of the reactor core and a release of significant amounts of radioactive gases. The near-total devastation of the nuclear power industry resulted because the disaster at Three Mile Island tipped the scales in the ongoing controversy over nuclear power in favor of those opposed to it. Massive demonstrations followed the accident, culminating in a rally in New York City that attracted upward of 200,000 people. By the mid-1980s, the construction of nuclear power plants in the United States had virtually ceased.

The radioactive gases released by the accident prompted the governor of Pennsylvania to evacuate pregnant women from the area. An investigation by the Nuclear Regulatory Commission claimed that the amount of radioactivity released was not a health threat, but anti-nuclear activists and many local citizens disputed this. The reactor itself remained unusable, in fact virtually unapproachable, more than a decade later.

Westinghouse Waltz Mill Reactor Meltdown

A core melt accident occurred at the Westinghouse Waltz Mill test reactor. From what information remains of the event, one fuel element melted, resulting in the disposition of 2 million gallons of contaminated water generated during the accident. At least a portion of the water was retained on site in lagoons, a condition which eventually led to detectable Sr-90 in groundwater plus contaminated soil.

Westinghouse’s 850-acre Waltz Mill facility is located in the rural community of Madison in Westmoreland County, PA, near Pittsburgh. The experimental reactor was one of the first privately owned test reactors to operate in the United States when it went online in July 1959. The $7 million reactor produced heat but did not generate electric power and was much smaller than commercial reactors operating today. The reactor was 9 months old when a partial meltdown of uranium-filled fuel rods in the reactor’s core caused radioactive krypton and xenon gases to billow into the air over rural Westmoreland County on April 3, 1960, and to this day radioactivity is still present.

Pittsburgh Post-Gazette Newspaper Article – Westinghouse Waltz Mill Meltdown
NRC Summary of The Westinghouse Waltz Mill Meltdown

Saboteurs can knock out the U.S. Electrical Grid

Rebecca Smith in the Wall Street Journal is spot on with her article but to make matters worse, the saboteurs could go beyond those nine substations and take out the manufacturer of the transformers as well at the same time in a coordinated attack. It would make it extremely difficult to repair the damage once the deed is done.

The Electrical Power Grid Architecture

Hacking in general, and attacks on protected computer systems in particular, are becoming increasingly common and more sophisticated. All of the concerns above demand robust, proactive countermeasures to prevent successful cyber attacks, because the cost of inadequate protection would be disastrous. While reported nuclear cyber attack events are rare and so far not cataclysmic, the threat trajectory suggests that ignoring cyber security may place individual atomic power plants at risk, some more seriously than others. Moreover, beyond the direct consequences of a successful attack, the axiom that an accident in any nuclear power plant is an accident in all nuclear power plants would likely extend to a security event, including a cyber attack. A successful attack on a nuclear reactor with substantial consequences would undermine global public confidence in the viability of nuclear power.

Some foreign states are apparently establishing the ability to engage in such attacks, probing defensive barriers, exercising tests of cyber weapons or merely protecting their security by creating the ability to participate in cyber warfare in case the need arises. These are the most secret digital weapons ever, capable of crippling water supplies, nuclear power plants, banks, and the very infrastructure that once seemed invulnerable to attack. In October 2012, U.S. defense secretary Leon Panetta warned that the United States was vulnerable to a “cyber Pearl Harbor” that could derail trains, poison water supplies, and cripple power grids. The next month, Chevron confirmed the speculation by becoming the first U.S. corporation to admit that Stuxnet had spread across its machines.

Although the authors of Stuxnet haven’t been officially identified, the size and sophistication of the worm have led experts to believe that it could have been created only with the sponsorship of a nation-state. Although no one’s owned up to it, leaks to the press from officials in the United States and Israel strongly suggest that those two countries did the deed. Since the discovery of Stuxnet, computer security engineers have been fighting off other weaponized viruses, such as Duqu, Flame, and Gauss, an onslaught that shows no signs of abating.

This marks a turning point in geopolitical conflicts when the apocalyptic scenarios once only imagined in fiction disaster novels have finally become a distinct reality.

2. Nuclear Reactor Security

Physical security at nuclear power plants involves the threat of radiological sabotage, a deliberate act against a plant that could directly or indirectly endanger public health and safety through exposure to radiation. The NRC establishes security requirements at U.S. commercial nuclear power plants based on its assessment of plant vulnerabilities to, and the consequences of, potential attacks. The stringency of NRC’s security requirements and its enforcement program have been a significant congressional issue, especially since the September 11, 2001, terrorist attacks on the United States.

While NRC establishes security requirements within the boundaries of commercial nuclear sites, the Department of Homeland Security (DHS) has broad responsibility for coordinating government-wide efforts to prevent and respond to terrorist attacks, including attacks on nuclear power plants. The DHS works with NRC and other agencies to protect nuclear facilities and other critical infrastructure.
Nuclear plant security measures are designed to protect three primary areas of vulnerability:
  1. Security controls on the nuclear fission chain reaction.
  2. Cooling systems that prevent hot nuclear fuel from melting even after the chain reaction has stopped.
  3. Storage facilities for highly radioactive spent nuclear fuel.
All U.S. plants are designed and built to prevent dispersal of radioactivity, in the event of an accident, by surrounding the reactor in a steel-reinforced concrete containment structure. However, as the March 2011 Fukushima disaster in Japan demonstrated, reactor containments cannot wholly block radioactive releases under the most severe circumstances, such as when cooling systems are disabled for several hours or longer. NRC requires commercial nuclear power plants to have a series of physical barriers, a defense-in-depth, and a trained security force, under regulations already in place before the 9/11 attacks (10 C.F.R. 73 - Physical Protection of Plants and Materials). The plant sites are divided into three zones:
  1. Owner controlled - buffer area perimeter that surrounds the plant.
  2. Protected area - all buildings, cooling towers and parking lots.
  3. Vital area - nuclear reactors, control building, and electrical generators.

Access to the protected area is restricted to a portion of plant employees and monitored visitors, with stringent access barriers. Access to the vital area is further limited, with additional obstacles and access requirements. The security force must comply with NRC requirements on pre-hiring investigations and training.

3. Cybersecurity Considerations

Existing U.S. nuclear power reactors, designed in the 1960s and 1970s, are controlled primarily by analog systems that are resistant to cyber attack. However, new reactors are being developed with digital controls, and existing analog plants increasingly rely on digital computers to run auxiliary and monitoring systems. This increasing use of digital systems in nuclear power plants, along with post-9/11 security concerns and at least one “worm” infection at a U.S. reactor, has prompted increased NRC attention to cybersecurity.

A year after the 9/11 attacks, NRC issued an order that included assaults among the threats that nuclear plants would be required to defend against. Additional guidance for dealing with cyber threats was released during the next several years, and NRC issued formal cybersecurity regulations in March 2009 (“Protection of Digital Computer and Communications Systems and Networks,” 10 CFR 73.54). NRC published a regulatory guide for the program in January 2010. NRC’s cybersecurity regulations require each nuclear power plant to submit a cybersecurity plan and implementation schedule. The plan must provide “high assurance” that digital computer and communications systems that perform the following functions will provide adequate protection against design basis attacks:
  • Tasks that are safety-related or important to safety
  • Security functions
  • Emergency preparedness functions, including offsite communications.
  • Support systems and equipment that, if compromised, would adversely affect safety, security, or emergency preparedness functions.
NRC began inspecting the implementation of nuclear plant cybersecurity plans in January 2013.
The inspections are part of NRC’s Cyber Security Oversight Program, which is being incorporated into the existing Reactor Oversight Program. Nuclear power plants are also required by the Federal Energy Regulatory Commission (FERC) to comply with cybersecurity standards issued by the North American Electric Reliability Corporation (NERC). However, nuclear plant computer systems that are covered by NRC security regulations are exempt from the NERC standards. As a result, the NERC standards apply mostly to “balance of plant” (non-reactor) systems at nuclear power plants.
Nuclear power plants use both digital and analog systems to monitor plant processes, operate equipment, and store and retrieve information. Analog systems follow hard-wired instructions, and digital computer systems use software to provide directions. Digital systems, including individual computers and networks, are vulnerable to cyber attacks, which include malicious exploitation and infection by malware such as viruses, worms and other types of programming code.

Nuclear power facilities are designed to shut down safely if necessary, even if there is a breach of cyber security. A cyber attack cannot prevent critical systems in a nuclear energy facility from performing their safety functions. Among other measures, these vital systems are not connected to the Internet or to a facility’s internal network. The isolation of critical safety systems minimizes the pathways for a cyber attack. Nuclear energy facilities also are designed to automatically disconnect from the power grid if there is a disturbance that could be caused by a cyber attack.

4. Key Cybersecurity Steps

Each U.S. nuclear power plant has taken the following measures to ensure protection against cyber threats:

  • Critical control systems are isolated using either air gaps, which do not implement any network or internet connectivity, or hardware-based isolation devices that separate front-office computers from the control system, thus making the front-office computers useless for attacking essential systems. As a result, key safety, security and power generation equipment at the plants is protected from any network-based cyber attacks originating outside the plant.
  • Strict and enhanced controls are implemented over the use of portable media and equipment, like thumb drives, CDs, and laptops, that are used to interface with plant equipment; measures must be in place to minimize the cyber threat. These measures include authorizing the use of portable assets only for the performance of a specific task, reducing the movement from less secure assets to safer assets, and virus/malware scanning. As a result, nuclear power plants are well-protected from attacks like Stuxnet and its variants, which were propagated through the use of portable media.
  • Heightened defenses against an insider threat. Training and insider mitigation programs have been enhanced to include cyber attributes.
  • Individuals who work with digital plant equipment are subject to increased security screening, cybersecurity training, and behavioral observation.
  • Implemented cybersecurity controls to protect equipment deemed most essential for the protection of public health and safety.
  • Measures have been established to maintain effective cyber protection. These measures include maintaining equipment listed in the plant configuration management program and ensuring changes to the hardware are performed in a controlled manner.
  • A cybersecurity impact analysis is performed before making changes to related equipment. The effectiveness of cybersecurity controls is periodically assessed, and enhancements are made where necessary.
  • Vulnerability assessments are performed to ensure that the cybersecurity posture of the equipment is maintained.
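The portable-media measures in the list above (task-specific authorization, limiting movement from less secure to safer assets, and malware scanning) can be combined into a single check made when media is connected. The Python sketch below is an added example, not code from this article or from any plant; the zone names, the 12-hour scan age and all sample records are assumptions constructed for illustration.

```python
from collections import namedtuple
from datetime import datetime, timedelta

# Assumed zone ranking for this sketch: a higher number is a more secure asset.
LEVELS = {"front_office": 1, "engineering": 2, "plant_control": 3}
MAX_SCAN_AGE = timedelta(hours=12)  # assumed policy value

# Media approved for one task, on named target assets, until `expires`.
Authorization = namedtuple("Authorization", "media_id task_id targets expires")
# A request to connect media to `target`; last_asset/last_used describe prior use.
Request = namedtuple("Request", "media_id task_id last_asset last_used target when")


def evaluate(req, auths, scans):
    """Return (allowed, reasons); scans maps media_id -> (scanned_at, clean)."""
    reasons = []
    auth = next((a for a in auths
                 if (a.media_id, a.task_id) == (req.media_id, req.task_id)), None)
    if auth is None:
        reasons.append("media not authorized for this task")
    elif req.when >= auth.expires:
        reasons.append("authorization expired")
    elif req.target not in auth.targets:
        reasons.append("target outside authorized task")

    src, dst = LEVELS.get(req.last_asset), LEVELS.get(req.target)
    if src is None or dst is None:
        reasons.append("unknown asset, failing closed")
    elif src < dst:
        # Less secure -> more secure: require a clean, recent scan taken
        # after the media was last connected to the less secure asset.
        scanned_at, clean = scans.get(req.media_id, (None, False))
        if scanned_at is None or not clean:
            reasons.append("no clean scan on record")
        elif scanned_at <= req.last_used:
            reasons.append("scan predates last use on less secure asset")
        elif req.when - scanned_at > MAX_SCAN_AGE:
            reasons.append("scan too old")
    return (not reasons, reasons)


# Constructed sample records (not real plant data).
T0 = datetime(2024, 1, 10, 8, 0)
AUTHS = [Authorization("USB-07", "WO-1001", frozenset({"plant_control"}),
                       T0 + timedelta(days=1))]
SCANS = {"USB-07": (T0 + timedelta(hours=1), True)}


def demo():
    h = lambda n: T0 + timedelta(hours=n)
    requests = [
        # Scanned after last use, authorized task: allowed.
        Request("USB-07", "WO-1001", "engineering", h(0), "plant_control", h(2)),
        # Same media reused on a front-office PC after its scan: denied.
        Request("USB-07", "WO-1001", "front_office", h(3), "plant_control", h(4)),
        # Valid scan but a task the media was never authorized for: denied.
        Request("USB-07", "WO-2002", "engineering", h(0), "plant_control", h(2)),
    ]
    return [evaluate(r, AUTHS, SCANS) for r in requests]


if __name__ == "__main__":
    for allowed, why in demo():
        print("ALLOW" if allowed else "DENY", "; ".join(why))
```

The second request shows the case a scan-only rule misses: a clean scan stops counting once the media has been back on a less secure asset.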
Nuclear power plants can be used as weapons of mass destruction in a successful and devastating cyber attack, causing in the extreme scenario a nuclear reactor core meltdown that spreads deadly radioactivity. There are vulnerabilities at nuclear power plants, both physical and informational, even with defense-in-depth protection from a multitude of backup systems that minimize the risk of such a cyber attack occurring. These protections are not enough, as cybercriminal and state-sponsored attacks are extremely sophisticated and have proven able to infiltrate computerized systems within a nuclear power plant.

Imagine the 9/11 attacks on the World Trade Center in New York and at the Pentagon. If terrorists had orchestrated their attacks on nuclear power plants, not only would the U.S. electrical grid be in peril, but so would the lives of millions for generations from the radioactive fallout alone. In my opinion, we dodged a bullet: they picked the wrong target. It is of vital importance that nuclear power plants be protected from attack by both cyber and physical means.