Hackers linked to Russia and China breach UK's most critical nuclear facility
Photo: Sellafield nuclear facility (David Levene / theguardian.com)
The Sellafield nuclear waste facility in the UK, which is considered highly dangerous, has been hacked by cyber groups closely associated with Russia and China, writes The Guardian.
Recent investigations revealed that during the cyber breach, the facility's systems were infected with malicious software (malware) that may still remain and be used for espionage or attacks on Sellafield.
The scale of risks at Sellafield nuclear facility revealed by a cyberattack
There is a possibility that some of the crucial activities at the Sellafield facility, such as the movement of radioactive waste, monitoring leaks of hazardous materials, and fire checks, were compromised.
The potential consequences of the incident were concealed by the personnel at Sellafield. The facility's management failed to notify nuclear regulatory bodies for several years, making it difficult to assess the full extent of data loss and current risks to the systems.
Journalists uncovered that the British government precisely does not know when the IT systems were first breached. However, sources disclosed that the breaches were initially detected back in 2015.
It is anticipated that foreign hackers might have gained access to top confidential materials at the facility, which covers an area of 6 square kilometers on the coast of Cumbria and is considered one of the most dangerous in the world, as stated in the publication.
Data about the cyberattack and the installation of malicious software surfaced during the annual investigation by Nuclear Leaks into cyberattacks, radioactive contamination, and toxic actions at Sellafield.
About the facility
Sellafield houses the largest stockpile of plutonium on the planet and serves as a significant repository for nuclear waste resulting from weapon creation programs and decades of atomic energy production.
The facility, previously known as Windscale, was constructed over 70 years ago. It produced plutonium for nuclear weapons during the Cold War and accepted radioactive waste from other countries, including Italy and Sweden.
Sellafield also stores documents outlining plans for actions in emergency situations, which could be utilized in case Britain faces a foreign attack or disaster.
Sellafield in 1956 (photo: ENERGY.GOV/wikipedia.org)
Sellafield personnel facing consequences for cybersecurity lapses
Sellafield's workforce, numbering over 11,000 employees, is under scrutiny for systematic cybersecurity violations, leading to the application of "special measures" against them last year, according to sources from the Office for Nuclear Regulation (ONR) and security services.
The issue of hazardous servers at Sellafield has been dubbed Voldemort after the infamous character from the Harry Potter series, revealed a government official familiar with the ONR investigation and IT failures, speaking to The Guardian.
The ONR has prepared a report recommending criminal charges against Sellafield for this cybersecurity situation.
Photo: Sellafield nuclear facility (Photo: oecd-nea.org)
Meanwhile, in February, the U.S. Congress called for the disclosure of data on cyberattacks by Russia on nuclear laboratories.
It was also previously reported that in August, the hacker group Anonymous attacked Japan's nuclear sites. Their actions were a protest against the discharge of treated radioactive water into the sea from the damaged Fukushima nuclear power plant.
