According to one researcher, nuclear power plants around the world have been targeted in 24 cyber incidents since 1990. He says more needs to be done to prevent future, potentially catastrophic attacks.
Swedish researchers launched a simulated cyber attack against a coal plant in Sweden, which resulted in some flooding of the plant. This is just one outcome of many, although actual cyber attackers would likely attempt to cause more damage. The drill was run to examine the plant’s capability to defend against attacks, and the same tactics could be implemented on nuclear plants.
According to researchers, the attack “drove home the potential physical consequence of a cyberattack of critical infrastructure.” More steps, they said, need to be taken for these attacks to be defended at critical infrastructure points.
Ted Turner, a founder of the Nuclear Threat Initiative, believes there have been 24 cyber incidents since 1990 including 11 that were malicious. These attacks include one 2014 attack where North Koreans stole blueprints for a South Korean nuclear reactor. While regulatory regulations have strengthened most facilities, many power plants were built decades ago on analog systems that are shielded from direct internet attacks in the digital age.
Many of the 61 nuclear plants in the United States are privately owned, giving owners more incentive to improve security measures. Exercises and drills allow for plants to prepare for attacks that rarely succeed but are attempted frequently.