Report Says Sellafield ‘Hacked’ By Russia, China

The government organisation that operates the Sellafield nuclear waste facility in Cubria has been placed in “special measures” by the nuclear regulator for failing to meet cyber-security standards.

The Office for Nuclear Regulation (ONR) confirmed on Monday that Sellafield Ltd, a subsidiary of the Nuclear Decommissioning Authority (NDA), was under “robust scrutiny” amid concerns over the security of its computer systems.

The same day Sellafield was forced to deny a Monday report by the Guardian that its systems had been hacked into by cyber groups closely linked to Russia and China.

“We have no records or evidence to suggest that Sellafield Ltd networks have been successfully attacked by state-actors in the way described,” Sellafield said in a statement.

Image credit: Pexels

‘Sleeper malware’

It said its monitoring systems are “robust” and that it has a high degree of confidence that there is no “sleeper malware” in its systems.

The Guardian report said “sleeper malware” was detected on the site’s systems as far back as 2015, and said it was still not known if the malware had been eradicated.

Such malware can remain hidden while spying on or attacking systems, the report said.

“We take cyber security extremely seriously at Sellafield. All of our systems and servers have multiple layers of protection,” the group said.

It added that its critical networks are isolated from its general IT network.

‘Foreign hackers’

The Guardian’s sources said it was “likely” foreign hackers had accessed the ‘highest echelons” of confidential material at the site, which has the largest store of plutonium in the world, at some 140 tonnes.

The hack was allegedly covered up by senior staff at the site, which failed to alert the regulator for several years, the report said.

Sellafield was placed in “special measures” last year for its cybersecurity failings, the report said.

“Sellafield Ltd is currently not meeting the high standards that we require in cybersecurity, which is why we have placed them under significantly enhanced attention,” the ONR said in a statement.

Heightened risk

“Some specific matters are subject to ongoing investigations, so we are unable to comment further at this time.”

GCHQ’s National Cyber Security Centre warned last month of a heightened risk of hacks by nation states such as Russia and China targeting critical infrastructure.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

UK CMA Seeks Feedback On Microsoft, Amazon AI Partnerships

British regulator invites feedback on major partnerships Microsoft and Amazon have struck with smaller AI…

5 hours ago

Google Fires More Staff Over Israel Protest

Another 20 staff have been fired by Google over Israel protest and their “completely unacceptable…

6 hours ago

Australian PM Hits Out At Elon Musk Over Knife Attack Video

Censorship row brewing down under, after the Australian Prime Minister calls Elon Musk an 'arrogant…

7 hours ago

US SEC Seeks $5.3 Billion Fine From Terra’s Do Kwon

Financial regulator asks New York judge to impose $5.3 billion in fines against Terraform Labs…

8 hours ago

Microsoft Launches Smallest AI Model, Phi-3-mini

Lightweight artificial intelligence model launched this week by Microsoft, offering more cost-effective option for Azure…

11 hours ago

US Senate Passes TikTok Ban Or Divestment Bill

ByteDance protest falls on deaf ears, as Senate passes TikTok ban or divest bill, with…

12 hours ago