BEYOND NUCLEAR PUBLICATIONS

Search
JOIN OUR NETWORK

     

     

DonateNow

Security

Nuclear reactors are sitting-duck targets, poorly protected and vulnerable to sabotage or attack. If their radioactive inventories were released in the event of a serious attack, hundreds of thousands of people could die immediately, or later, due to radiation sickness or latent cancers. Vast areas of the U.S. could become national sacrifice zones - an outcome too serious to risk. Beyond Nuclear advocates for the shutdown of nuclear power.

.................................................................................................................................................................................................................

Friday
Jan152016

"Nuclear Facilities in 20 Countries May Be Easy Targets for Cyberattacks"

As reported by the New York Times:

WASHINGTON — Twenty nations with significant atomic stockpiles or nuclear power plants have no government regulations requiring minimal protection of those facilities against cyberattacks, according to a study by the Nuclear Threat Initiative.

The findings build on growing concerns that a cyberattack could be the easiest and most effective way to take over a nuclear power plant and sabotage it, or to disable defenses that are used to protect nuclear material from theft. The countries on the list include Argentina, China, Egypt, Israel, Mexico and North Korea.

More.

Friday
Jan152016

"Nuclear commission risks being hacked because of organizational issues: watchdog report"

As reported by the Washington Times:

Computer networks used by the U.S. Nuclear Regulatory Commission pose a real possibility of being exploited by hackers as a result of inadequate organization among security personnel, a federal report found this week.

The NRC’s inspector general said in a 18-page assessment released on Tuesday that its Security Operations Center, or SOC, isn’t “optimized to protect the agency’s network in the current cyber threat environment.”

More.

Monday
Jan112016

"'Simple and affordable' drones could be turned into flying bombs that target nuclear power stations...in lone wolf attacks, security experts warn"

As reported by the U.K. Daily Mail:

Simple and affordable drones readily available on the high street [a British phrase, meaning "geared to meet the requireents of, and readily available for purchase by, the general public," or "referring to the typical shops and businesses found on the high street, or main street, of towns"] could be turned into flying bombs by lone wolf ISIS terrorists, security experts have warned.

A report by the Oxford Research Group's Remote Control Project lists a range of British targets which could be struck by the toy drones - including nuclear power stations, a G7 summit or the prime minister's car.

The think-tank warns that terrorists and activists are already using the commercially available devices - which can cost as little as £100 [$145 U.S.] - with the technology of remote control warfare 'impossible to control'. (Emphasis added)

The article goes on:

The report, The Hostile Use of Drones by Non-State Actors Against British Targets, claims that drones could 'be used as simple, affordable and effective airborne improvised explosive devices'. 

An assertion in the article must be challenged, however. The article states:

In April 2015, an anti-nuclear activist landed a drone containing radioactive sand on the Japanese prime minister’s office...

However, the individual alleged to have carried out that drone landing is not associated with the Japanese anti-nuclear movement, long serving Japanese anti-nuclear movement activists have pointed out.
The article concludes by quoting Chris Abbott, the lead author of the Remote Control Project/Open Briefing report:
'Drones are a game changer in the wrong hands. The government needs to take this threat seriously and commit to a range of countermeasures that still allow for legitimate commercial and personal use.'

But of course, atomic reactors could be permanently closed, solving the security risk now posed by malicious drone attacks (as well as solving a large number of additional safety, health, and environmental risks inevitably associated with splitting atoms to generate electricity). And high-level radioactive waste storage facilities could also be designed and built with security vulnerabilities in mind -- something that does not currently take place, for the most part.
Wednesday
Jan062016

"CIA Eyes Russian Hackers in ‘Blackout’ Attack"

Photo Illustration by Emil Lendof/The Daily Beast

Journalist Ted Koppel, formerly with ABC News, recently published a book warning about cyber-attacks on the electric grid.

It may have just happened for the first time that can be proven.

This article by Shane Harris in the Daily Beast cites numerous government and industry cyber-security experts, who warn that an electricity outage in western Ukraine that took place just before Christmas could have been caused by an intentional cyber-attack. If it was, this would be the first time such a cyber-attack on the electric grid caused an electricity outage, anywhere in the world, the article reports.

And to add to the concern, there is conjecture that the Russian government may have been behind the attack, or at least approving of it.

The attacks raise concerns about the vulnerability of the U.S. electric grid to a similar cyber-attack. As reported by the article:

The attack in Ukraine could be a bad omen for the U.S. power grid. Malicious software that was found on the networks of the [Ukrainian electric] company, Prykarpattyaoblenergo, was also used in a campaign targeting power facilities in the U.S. in 2014. It caused no damage but it set off alarms across the security and intelligence agencies.

At the time, the Homeland Security Department warned companies about the malware, known as BlackEnergy, which it said had been used in a hacking campaign that “comprised numerous industrial control systems environments…”

Industrial control systems are used to regulate the flow of electricity and to remotely control critical systems at power facilities. Security experts have warned for years that they could be commandeered via the Internet and give a hacker the ability to turn off electricity to whole cities.

Of course, the loss of electricity from the grid to nuclear power plants could begin a descent into chaos that ends in catastrophic radioactivity releases. The alternating current (AC) from the electric grid is the primary source of power to run safety and cooling systems at atomic reactors, as well as their adjacent high-level radioactive waste storage pools.

If the grid is lost, nuclear power plants do have back up emergency diesel generators (EDGs). However, these too could be cyber-hacked and rendered dysfunctional. In addition, the article mentions that cyber-attacks could lead to weeks or even months of blackout. Diesel fuel supplies to run EDGs at nuclear power plants are measured in days, not months.

A cyber-attack on the Ukrainian electric grid is especially troubling, considering that Ukraine has 15 operational atomic reactors.

And Caroline Baylon et al. at Chatham House in the U.K. have published a report, Cyber Security at Civil Nuclear Facilities: Understanding the Risks.

Cyber Security at Civil Nuclear Facilities: Understanding the Risks - See more at: https://www.chathamhouse.org/publication/cyber-security-civil-nuclear-facilities-understanding-risks#sthash.lfNUIyca.dpuf, including a specific warning about the potentially catastrophic risk to nuclear power plants from such an attack.
Sunday
Nov012015

Where is America’s cyberdefense plan?

The Empire State Building towers over the skyline of a blackout-darkened New York City just before dawn. (George Widman/Associated Press)That is the online title of an op-ed by Ted Koppel appearing in the Washington Post (the hardcopy headline reads "Before the cyber-blackout"). Koppel, best known for hosting the ABC news program “Nightline” from 1980 to 2005, is the author of the new book, Lights Out: A Cyberattack, a Nation Unprepared, Surviving the Aftermath.

The op-ed raises the specter of a power outage lasting not hours, or days, but weeks, or months, due to a coordinated cyber-attack on the vulnerable U.S. electricity grid.

But the op-ed does not address what this would mean at the 100 still operating atomic reactors across the country, and even at the numerous atomic reactors permanently shutdown. Even if operating atomic reactors were able to power down and shutdown safely during a power outage, their thermally hot cores would still have to be cooled for several days before cold shutdown was reached.

After all, the three operating reactors at Fukushima Daiichi, Japan did successfully SCRAM the moment the 9.0 earthquake struck on 3/11/11. It was the inability to cool the cores in the following days, due to the loss of the electric grid and the backup emergency diesel generators (EDGs) that led to the triple-meltdown.

This is the cautionary tale for a massive cyber-attack on the U.S. electric grid, vis a vis nuclear power plants. The hot cores would need to be cooled for at least several days, if not longer, before cold shutdown was achieved. But so too would high-level radioactive waste storage pools, even at atomic reactors that have been long permanently shutdown.

For hot reactor cores, this means EDGs would have to take the place of the electric grid, as the source of power to run the safety and cooling systems, for days or longer. But only so much diesel fuel is required to be stored on-site at reactors, as little as days' worth. The mass societal disruption caused by a widespread power outage would make diesel fuel re-supply to atomic reactors difficult to impossible.

This could make harrowing decisions necessary. For example, during the aftermath of Hurricane Andrew in 1992, diesel fuel supplies for EDGs at area hospitals had to be re-directed to the Turkey Point nuclear power plant, to keep EDGs running there. Thus, electricity at hospitals, in the aftermath of a major hurricane, was deemed secondary, as the priority had to be preventing a meltdown at an atomic reactor.

In the case of high-level radioactive waste storage pools, at both still operating reactors, as well as long permanently shutdown ones, the emergency would be initially complicated by the inexplicable fact that the Nuclear Regulatory Commission (NRC) does not require pools to be connected to EDGs in the first place. The power to run the safety and cooling systems on pools is entirely reliant on the electric grid. Thus, if the grid is lost, the pools will be entirely without electricity -- unless and until, in an ad hoc fashion, EDGs can quickly be connected to the pools.

Cooling thermally hot reactor cores invovles a much shorter fuse than cooling pools. The former allows only hours without cooling, before meltdown begins. But even the longer fuse with pools -- days or even weeks before pool water boils off, all the way down to the tops of the irradiated fuel assemblies stored in the bottom of the pool, under tens of feet of water, could be implicated. After all, Koppel warns that the cyber-attack on the electric grid could result in not hours or days of power outage, but weeks or months.

Again, at Fukushima Daiichi, it took 10 days just to restore the lights in a single control room. It took much longer to re-establish stable cooling water supplies to the melted down reactor units, as well as to the high-level radioactive waste storage pools. And that involved an albeit massive one-two punch of natural disasters, earthquake and tsunami, not an intentional attack.

An ironic image accompanied Koppel's op-ed, showing the Empire State Building towering over the skyline of a blackout-darkened New York City just before dawn in August 2003 (photo by George Widman/Associated Press, see above). The August 2003 Northeast Blackout was the second largest in history, affecting more than 50 million people in the northeast U.S., as well as Canada. A couple dozen atomic reactors in both countries had to power down and rely on EDGs to cool their still thermally hot shutdown cores, as a safety precaution, due to the instability of the electric grid. Ironically enough, that power outage was not due to a cyber-attack, but rather to a tree branch, touching a power line, in northwest Ohio. FirstEnergy Nuclear Operating Company (FENOC) was in the process of hemorrhaging $600 million due to its Hole-in-the-Head fiasco at the Davis-Besse atomic reactor. The replacement reactor lid for its dangerously corroded one, along with the replacement power costs and even NRC and Department of Justice fines, meant FENOC didn't have the money to pay for tree-trimming in its service area. But, conveniently for FENOC and the nuclear power industry, those devilishly detailed dots rarely to never get connected to the Northeast Blackout of August 2003.