A UK facility containing the world's largest stockpile of civil plutonium has been breached by hackers linked to Russia and China, with attacks traced back as far as 2015, according to a bombshell new report.
The Guardian cited various inside sources as claiming Sellafield, which is Europe's largest nuclear site, has repeatedly covered up deficiencies in its cybersecurity posture.
Foreign hackers have likely accessed the most sensitive material stored on those systems, the report added.
This could include information on moving radioactive waste, monitoring for leaks, checking for fires and even government emergency planning documents related to contingencies for foreign attacks or disaster.
The nuclear site was accused of failing to inform regulators for many years about its security woes.
An insider told the paper that these troubles only came to light after staff working at an external site realized they could access Sellafield's servers.
They subsequently reported it to the Office for Nuclear Regulation.
Officials have also complained that the regulator has been slow to share intelligence on any failings found and that its own scrutiny has failed over the years.
Other concerns raised in the report include external contractors being able to plug memory sticks into machines unsupervised.
Oz Alashe, CEO of CybSafe, argued that cybersecurity should be an organization-wide responsibility.
This Cyber News was published on www.infosecurity-magazine.com. Publication date: Tue, 05 Dec 2023 09:40:10 +0000