A recent investigation by The Guardian has revealed that the UK's Sellafield nuclear site has been hacked by cyber groups associated with Russia and China. Senior staff at the site have actively concealed the extent of the breach and its potential consequences. It is unclear when the IT systems were first compromised, but evidence suggests that sleeper malware was embedded in Sellafield's computer networks as early as 2015. The presence of this malware raises concerns about the compromise of sensitive activities such as the movement of radioactive waste, leak monitoring, and fire prevention.
Sources indicate that foreign hackers likely gained access to highly confidential information at the site, which spans 6 square kilometers on the Cumbrian coast and is one of the most dangerous nuclear sites in the world. The full extent of data loss and ongoing risks to the systems are difficult to determine due to Sellafield's failure to notify nuclear regulators for several years. The investigation, called Nuclear Leaks, examines cyber hacking, radioactive contamination, and a toxic workplace culture at Sellafield.
Sellafield is responsible for storing the largest amount of plutonium globally and serves as a dumping ground for nuclear waste from weapons programs and decades of atomic power generation. It is also home to emergency planning documents that would be used in the event of a foreign attack or disaster in the UK. The site has faced consistent cybersecurity failings and was placed into "special measures" last year due to these issues.
The Office for Nuclear Regulation (ONR) and security services are reportedly preparing to prosecute individuals at Sellafield for their cyber failings. The ONR has confirmed that Sellafield does not meet its cyber standards but has not commented on the breaches or allegations of a cover-up. Sellafield has declined to comment on its failure to inform regulators but has highlighted the improvements it claims to have made in recent years.
Cybersecurity concerns at Sellafield have been known for over a decade, according to a 2012 report, which warned of critical security vulnerabilities that required urgent attention. Staff, regulators, and intelligence community sources believe that the site's systems are still inadequate and that senior leaders deliberately concealed the extent of the cybersecurity problems from security officials conducting vulnerability tests. This potential cover-up is the subject of the possible prosecution.
The ONR's slow sharing of intelligence on cyber failings at Sellafield has raised concerns among security officials, indicating ineffective scrutiny for over a decade. The most recent ONR annual report acknowledges the need for improvements and enforcement action regarding cybersecurity risks at Sellafield. The report also states that the site is under significantly enhanced attention for this issue.
Given the gravity of the cybersecurity concerns, some officials are calling for the urgent construction of new systems at Sellafield's nearby emergency control center, a separate secure facility. Sellafield houses highly sensitive documents, including disaster manuals and plans for nuclear emergencies