VIENNA — Governments, industry, and international organizations should work together to boost the cyber defense capabilities at nuclear facilities worldwide, according to a report from the nongovernmental Nuclear Threat Initiative (NTI), released at a Dec.7 side event during the International Atomic Energy Agency’s International Conference on Nuclear Security.
NTI’s Outpacing Cyber Threats report says traditional cyber defense methods at nuclear facilities, including the use of firewalls and antivirus technology, are not adequate to address current threats that stem from an increased digitalization at nuclear power plants and other nuclear facilities.
The report notes several recent instances in which cybersecurity was compromised at nuclear facilities. “In 2016, a German nuclear power plant was found to be infected with malware, and officials discovered a spear-phishing campaign that had been exfiltrating data from a Japanese research center for months,” NTI said. The year before, the Ukrainian power grid faced a cyber attack that took out power in parts of the country for several hours, and a Japanese facility that handles nuclear materials discovered malware in its systems.
The report outlines four priorities determined by a group of experts to address cyber vulnerabilities. These are: institutionalizing cybersecurity, by which governments and regulators could develop and implement regulatory frameworks informed by physical nuclear safety and security practices; mounting active defenses, in which nuclear facilities could update their prevention and response plans; reducing complexity, or minimizing complexity in critical systems, including by transitioning to nondigital systems; and pursuing transformation, or government funding of transformative research into new technologies for these new threats.
Nuclear industry should play a role as well, NTI’s report says, by recruiting cybersecurity expertise, developing active defense capabilities at the facility level, removing excess functionalities in complex systems, and supporting the cybersecurity efforts of organizations such as the IAEA. International organizations, in the meantime, could expand their focus on global cooperation on nuclear facility cyber issues, facilitate threat information sharing, and provide a forum for discussions on relevant topics, the report says.