Sellafield nuclear site hacked by groups linked to Russia and China

The UK's most hazardous nuclear site, Sellafield, has been hacked into by cyber groups closely linked to Russia and China, the Guardian can reveal.
Sources said breaches were first detected as far back as 2015, when experts realised sleeper malware - software that can lurk and be used to spy or attack systems - had been embedded in Sellafield's computer networks.
It may mean some of Sellafield's most sensitive activities, such as moving radioactive waste, monitoring for leaks of dangerous material and checking for fires, have been compromised.
The full extent of any data loss and any ongoing risks to systems was made harder to quantify by Sellafield's failure to alert nuclear regulators for several years, sources said.
The revelations have emerged in Nuclear Leaks, a year-long Guardian investigation into cyber hacking, radioactive contamination and toxic workplace culture at Sellafield.
The site has the largest store of plutonium on the planet and is a sprawling rubbish dump for nuclear waste from weapons programmes and decades of atomic power generation.
Guarded by armed police, it also holds emergency planning documents to be used should the UK come under foreign attack or face disaster.
In a statement, Sellafield also declined to comment about its failure to tell regulators, instead focusing on the improvements it says it has made in recent years.
The problem of insecure servers at Sellafield was nicknamed Voldemort after the Harry Potter villain, according to a government official familiar with the ONR investigation and IT failings at the site, because it was so sensitive and dangerous.
The scale of the problem was only revealed when staff at an external site found that they could access Sellafield's servers and reported it to the ONR, according to an insider at the watchdog.
In one highly embarrassing incident last July, login details and passwords for secure IT systems were inadvertently broadcast on national TV by the BBC One nature series Countryfile, after crews were invited into the secure site for a piece on rural communities and the nuclear industry.
More than a decade later, staff at Sellafield, regulators and sources within the intelligence community believe systems at the vast nuclear waste dump are still not fit for purpose.
Security officials are also concerned that the ONR has been slow to share its intelligence on cyber failings at Sellafield because they indicate that its own scrutiny has been ineffective for more than a decade.
Such is the scale of cybersecurity concern, some officials believe entire new systems should be urgently built at Sellafield's nearby emergency control centre - a separate secure facility.
Among the highly sensitive documents stored at Sellafield are disaster manuals, plans that guide people through emergency nuclear protocols and what to do during a foreign attack on the UK. These documents include some of the learnings from a variety of sensitive operations, including Exercise Reassure in 2005 - and the regular Oscar exercises - which were aimed at testing the UK's ability to handle a nuclear disaster in Cumbria.
The ONR was so concerned by the fact that external sites could access Sellafield's servers, and an apparent cover-up by staff, that it interviewed teams under caution.
The Sellafield board held an inquiry into the problem in 2013 and the ONR warned that it would require more transparency on IT security.
Nuclear decommissioning, a large share of which is done at Sellafield, is one of the biggest drains on the UK government's annual business department budget.
Prior to publication, Sellafield and the ONR declined to answer a number of specific questions or say if Sellafield networks had been compromised by groups linked to Russia and China.
Following publication, they said they had no records to suggest Sellafield's networks had been successfully attacked by state actors in the way the Guardian described.


This Cyber News was published on www.theguardian.com. Publication date: Wed, 06 Dec 2023 01:29:05 +0000

