A series of cyber breaches linked to Russian and Chinese cyber groups has occurred at Sellafield, the UK’s highly hazardous nuclear site. Senior staff allegedly covered up the breaches, which date as far back as 2015, when sleeper malware infiltrated the site’s IT systems. The full extent of compromised activities, including handling radioactive waste and monitoring for leaks, remains unclear.

The breaches raise concerns about access to sensitive material and emergency plans for national security. Sellafield’s inadequate cybersecurity led to a state of “special measures” in 2022, with the Office for Nuclear Regulation (ONR) considering prosecutions due to cybersecurity failures.

Reports from over a decade ago highlighted critical vulnerabilities that weren’t addressed, indicating a prolonged neglect of security concerns. Even as recently as 2023, the site’s systems were deemed unfit, prompting calls for urgent new systems at the emergency control centre.

Sensitive documents, disaster manuals, and protocols for handling nuclear emergencies are stored at Sellafield, heightening fears of compromised national security. Concerns over Russian and Chinese cyber threats have grown, prompting alerts from the UK’s cybersecurity agencies.

In the past year, there have been over 20 instances of Chinese entities attempting to access sensitive technology through hidden investments and complex structures. This theft not only impacts a company’s profitability but also poses a threat to Western countries’ future.

The report unveils a pattern of cybersecurity negligence and a potential cover-up, causing the ONR to investigate staff under caution. The increasing risks have led to calls for substantial improvements and new security systems at Sellafield, underscoring the gravity of this national security threat.

The breach at Sellafield starkly underscores the pressing requirement for more frequent Technical Surveillance Countermeasures (TSCM) inspections. Regular assessments are essential for continuously monitoring vulnerabilities, promptly detecting potential breaches, and adapting security measures in response to evolving cyber threats.