Skip to main content

Blackhat, Nuclear Energy and Cyber Security

While many of us were home for the holidays we couldn't escape the movie trailer for Blackhat, a cyber crime thriller directed by Michael Mann starring Chris Hemsworth. Set to premiere in the U.S. on January 16, the trailer includes a cyber attack on a nuclear power plant in China.



We've dealt with the issue of cyber security with some frequency here at NEI Nuclear Notes. I'd refer our readers back to a post written by NEI's Bill Gross almost two years ago that outlined industry actions in this area to mitigate against the possibility of a cyber attack (emphasis mine).
By December 31, 2012, each U.S. nuclear power plant has:
  • Isolated key control systems using either air-gaps or robust hardware based isolation devices. As a result, the key safety, security, and power generation equipment at the plants are protected from any network based cyber attacks originating outside the plant.
  • Enhanced and implemented robust controls over the use of portable media and equipment. Where devices like thumb drives, CD’s, and laptops are used to interface with plant equipment, measures are in place to minimize the cyber threat. These measures include such actions as: minimizing the use of devices that are not maintained at the plant; virus scanning devices both before and after being connected to plant equipment; and, implementing additional measures where the source of the data or device originates outside the plant. As a result, the plants are well protected from attacks like Stuxnet, that propagated through the use of portable media.
  • Enhanced defenses against the insider threat. Training and insider mitigation programs have been enhanced to include cyber attributes. Individuals who work with digital plant equipment are subject to increased security screening, cyber security training, and behavioral observation.
  • Implemented cyber security controls to protect equipment deemed most essential for the protection of the public health and safety. While full implementation of cyber security controls for all digital equipment requiring protection will take some time, plants have prioritized the implementation to cover the assets most essential to the public health and safety.
  • Implemented measures to maintain the effectiveness of the implemented portions of the program. These measures include maintaining the equipment described above in the plant configuration management program, ensuring changes to the equipment are performed in a controlled way. A cyber security impact analysis is performed before making changes to the equipment. The effectiveness of implemented cyber security controls is periodically assessed, and enhancements made where necessary. Vulnerability assessments are performed to ensure the cyber security posture of the equipment is maintained.
Despite these procedures, continued vigilance is key, something that's equally true for both cyber and physical security. In the meantime, we'll be keeping an eye on this film and screening it when it comes to theaters in the U.S. next week.

Comments

jimwg said…
Excellent feature to set science/tech illiterate reporters straight with. Shoot some copies out to every media outlet and news site. Stuff like this shouldn't nearly be a closed secret to blogs like this!

James Greenidge
Queens NY
Unknown said…
From what I could see in the movie trailer, the producers confused the cooling tower which cools the non-radioactive turbine cooling water from the reactor containment building which houses the reactor and where the radioactivity and contamination are located. Further, how a cyber attack could damage a cooling tower as shown in the trailer, is beyond me.

Popular posts from this blog

An Ohio School Board Is Working to Save Nuclear Plants

Ohio faces a decision soon about its two nuclear reactors, Davis-Besse and Perry, and on Wednesday, neighbors of one of those plants issued a cry for help. The reactors’ problem is that the price of electricity they sell on the high-voltage grid is depressed, mostly because of a surplus of natural gas. And the reactors do not get any revenue for the other benefits they provide. Some of those benefits are regional – emissions-free electricity, reliability with months of fuel on-site, and diversity in case of problems or price spikes with gas or coal, state and federal payroll taxes, and national economic stimulus as the plants buy fuel, supplies and services. Some of the benefits are highly localized, including employment and property taxes. One locality is already feeling the pinch: Oak Harbor on Lake Erie, home to Davis-Besse. The town has a middle school in a building that is 106 years old, and an elementary school from the 1950s, and on May 2 was scheduled to have a referendu

Why Ex-Im Bank Board Nominations Will Turn the Page on a Dysfunctional Chapter in Washington

In our present era of political discord, could Washington agree to support an agency that creates thousands of American jobs by enabling U.S. companies of all sizes to compete in foreign markets? What if that agency generated nearly billions of dollars more in revenue than the cost of its operations and returned that money – $7 billion over the past two decades – to U.S. taxpayers? In fact, that agency, the Export-Import Bank of the United States (Ex-Im Bank), was reauthorized by a large majority of Congress in 2015. To be sure, the matter was not without controversy. A bipartisan House coalition resorted to a rarely-used parliamentary maneuver in order to force a vote. But when Congress voted, Ex-Im Bank won a supermajority in the House and a large majority in the Senate. For almost two years, however, Ex-Im Bank has been unable to function fully because a single Senate committee chairman prevented the confirmation of nominees to its Board of Directors. Without a quorum

NEI Praises Connecticut Action in Support of Nuclear Energy

Earlier this week, Connecticut Gov. Dannel P. Malloy signed SB-1501 into law, legislation that puts nuclear energy on an equal footing with other non-emitting sources of energy in the state’s electricity marketplace. “Gov. Malloy and the state legislature deserve praise for their decision to support Dominion’s Millstone Power Station and the 1,500 Connecticut residents who work there," said NEI President and CEO Maria Korsnick. "By opening the door to Millstone having equal access to auctions open to other non-emitting sources of electricity, the state will help preserve $1.5 billion in economic activity, grid resiliency and reliability, and clean air that all residents of the state can enjoy," Korsnick said. Millstone Power Station Korsnick continued, "Connecticut is the third state to re-balance its electricity marketplace, joining New York and Illinois, which took their own legislative paths to preserving nuclear power plants in 2016. Now attention should