The UK's Sellafield nuclear plant, one of the most potentially dangerous industrial sites in Europe, has been hacked into by cyber groups closely linked to Russia and China, according to an investigation.
Sources told the Guardian that breaches at the site close to Seascale on the coast of Cumbria, were first detected as far back as 2015 when experts realised spy software had been embedded in the plant's computer networks. Sellafield is one of the largest nuclear sites in Europe. It has around 11,000 people working in 1,300 buildings connected by 25 miles of roads across 700 acres, with vast quantities of radioactive waste in its silos.
The plant stores spent nuclear fuel from nuclear power stations in the UK, to try and keep up with the US and Russia to become a nuclear power. The radioactive waste held at the site is far greater than what was at Chernobyl before the disaster there. The site has the largest store of plutonium on the planet. It also has a trove of emergency planning documents to be used if the UK should ever come under foreign attack or face disaster.
The revelations have emerged in Nuclear Leaks, a year-long Guardian investigation into cyber hacking, radioactive contamination and toxic workplace culture at Sellafield. "If Sellafield isn't safe, the UK isn't safe and potentially its neighbours", Guardian reporter Anna Isaac said. It is still not known if the malware that was first detected eight years ago has been eradicated or not. The Guardian also uncovered that the plant was placed into a form of "special measures" for consistent failings in cybersecurity last year.
The Office for Nuclear Regulation (ONR) confirmed to the newspaper that Sellafield is failing to meet its cyber standards but declined to comment on the breaches. The Guardian says the problems with the insecure server are extremely severe and involve sensitive data that could be exploited by Britain’s enemies. Earlier this year, the country's National Cyber Security Centre [NCSC] sounded the alarm over the risk of cyber-attacks on critical national infrastructure from Russia and China. It wrote: "They may become more effective over time, and so the NCSC is recommending that organisations act now to manage the risk against successful future attacks."
A Sellafield spokesperson told the Guardian: "We take cybersecurity extremely seriously at Sellafield. All of our systems and servers have multiple layers of protection. Critical networks that enable us to operate safely are isolated from our general IT network, meaning an attack on our IT system would not penetrate these. Over the past 10 years, we have evolved to meet the challenges of the modern world, including a greater focus on cybersecurity. We’re working closely with our regulator. As a result of the progress we’ve made, we have an agreed route to step down from ‘significantly enhanced’ regulation.”