Skip to main content

Blackhat, Nuclear Energy and Cyber Security

While many of us were home for the holidays we couldn't escape the movie trailer for Blackhat, a cyber crime thriller directed by Michael Mann starring Chris Hemsworth. Set to premiere in the U.S. on January 16, the trailer includes a cyber attack on a nuclear power plant in China.



We've dealt with the issue of cyber security with some frequency here at NEI Nuclear Notes. I'd refer our readers back to a post written by NEI's Bill Gross almost two years ago that outlined industry actions in this area to mitigate against the possibility of a cyber attack (emphasis mine).
By December 31, 2012, each U.S. nuclear power plant has:
  • Isolated key control systems using either air-gaps or robust hardware based isolation devices. As a result, the key safety, security, and power generation equipment at the plants are protected from any network based cyber attacks originating outside the plant.
  • Enhanced and implemented robust controls over the use of portable media and equipment. Where devices like thumb drives, CD’s, and laptops are used to interface with plant equipment, measures are in place to minimize the cyber threat. These measures include such actions as: minimizing the use of devices that are not maintained at the plant; virus scanning devices both before and after being connected to plant equipment; and, implementing additional measures where the source of the data or device originates outside the plant. As a result, the plants are well protected from attacks like Stuxnet, that propagated through the use of portable media.
  • Enhanced defenses against the insider threat. Training and insider mitigation programs have been enhanced to include cyber attributes. Individuals who work with digital plant equipment are subject to increased security screening, cyber security training, and behavioral observation.
  • Implemented cyber security controls to protect equipment deemed most essential for the protection of the public health and safety. While full implementation of cyber security controls for all digital equipment requiring protection will take some time, plants have prioritized the implementation to cover the assets most essential to the public health and safety.
  • Implemented measures to maintain the effectiveness of the implemented portions of the program. These measures include maintaining the equipment described above in the plant configuration management program, ensuring changes to the equipment are performed in a controlled way. A cyber security impact analysis is performed before making changes to the equipment. The effectiveness of implemented cyber security controls is periodically assessed, and enhancements made where necessary. Vulnerability assessments are performed to ensure the cyber security posture of the equipment is maintained.
Despite these procedures, continued vigilance is key, something that's equally true for both cyber and physical security. In the meantime, we'll be keeping an eye on this film and screening it when it comes to theaters in the U.S. next week.

Comments

jimwg said…
Excellent feature to set science/tech illiterate reporters straight with. Shoot some copies out to every media outlet and news site. Stuff like this shouldn't nearly be a closed secret to blogs like this!

James Greenidge
Queens NY
Paul Deeds said…
From what I could see in the movie trailer, the producers confused the cooling tower which cools the non-radioactive turbine cooling water from the reactor containment building which houses the reactor and where the radioactivity and contamination are located. Further, how a cyber attack could damage a cooling tower as shown in the trailer, is beyond me.

Popular posts from this blog

Making Clouds for a Living

Donell Banks works at Southern Nuclear’s Plant Vogtle units 3 and 4 as a shift supervisor in Operations, but is in the process of transitioning to his newly appointed role as the daily work controls manager. He has been in the nuclear energy industry for about 11 years.

I love what I do because I have the unique opportunity to help shape the direction and influence the culture for the future of nuclear power in the United States. Every single day presents a new challenge, but I wouldn't have it any other way. As a shift supervisor, I was primarily responsible for managing the development of procedures and programs to support operation of the first new nuclear units in the United States in more than 30 years. As the daily work controls manager, I will be responsible for oversight of the execution and scheduling of daily work to ensure organizational readiness to operate the new units.

I envision a nuclear energy industry that leverages the technology of today to improve efficiency…

Nuclear: Energy for All Political Seasons

The electoral college will soon confirm a surprise election result, Donald Trump. However, in the electricity world, there are fewer surprises – physics and economics will continue to apply, and Republicans and Democrats are going to find a lot to like about nuclear energy over the next four years.

In a Trump administration, the carbon conversation is going to be less prominent. But the nuclear value proposition is still there. We bring steady jobs to rural areas, including in the Rust Belt, which put Donald Trump in office. Nuclear plants keep the surrounding communities vibrant.

We hold down electricity costs for the whole economy. We provide energy diversity, reducing the risk of disruption. We are a critical part of America’s industrial infrastructure, and the importance of infrastructure is something that President-Elect Trump has stressed.

One of our infrastructure challenges is natural gas pipelines, which have gotten more congested as extremely low gas prices have pulled m…

Innovation Fuels the Nuclear Legacy: Southern Nuclear Employees Share Their Stories

Blake Bolt and Sharimar Colon are excited about nuclear energy. Each works at Southern Nuclear Co. and sees firsthand how their ingenuity powers the nation’s largest supply of clean energy. For Powered by Our People, they shared their stories of advocacy, innovation in the workplace and efforts to promote efficiency. Their passion for nuclear energy casts a bright future for the industry.

Blake Bolt has worked in the nuclear industry for six years and is currently the work week manager at Hatch Nuclear Plant in Georgia. He takes pride in an industry he might one day pass on to his children.

What is your job and why do you enjoy doing it?
As a Work Week Manager at Plant Hatch, my primary responsibility is to ensure nuclear safety and manage the risk associated with work by planning, scheduling, preparing and executing work to maximize the availability and reliability of station equipment and systems. I love my job because it enables me to work directly with every department on the plant…