References for Cyber Incidents at Nuclear Facilities

References for Cyber Incidents at Nuclear Facilities 

Month/Year

Name

Country

Description

Category

Ref. #

January 1990

Bruce Nuclear Generating Station

Canada

Software error leading to release of radioactive water

Accidental

1, 2

September 1991

Sellafield reprocessing plant

United Kingdom

Software bug leading to unauthorized opening of doors; widespread software errors

Accidental

3

February 1992

Ignalia Nuclear Power Plant

Lithuania

Employee attempted sabotage

Intentional

4, 5

June 1999

Bradwell Nuclear Power Plant

United Kingdom

Employee altered/destroyed data

Intentional

6

January 2000*

Kurchatov Institute

Russian Federation

Bug in nuclear materials accounting software

Accidental

7

January 2003

Davis-Besse Nuclear Power Station

United States

Virus blocked operator access to reactor core information

Accidental

8, 9

June

2005*

Japanese Nuclear Power Plants

Japan

Data release

Unknown

10, 11

August 2006

Browns Ferry Nuclear Power Plant

United States

Technical failure

Accidental

8, 12

December 2006

Syrian Nuclear Program

Syria

Espionage

Intentional

13, 14

March 2008

Edwin I. Hatch Nuclear Power Plant

United States

Shutdown caused by software update

Accidental

8, 15

 

March 2009

Energy Future Holdings

United States

Employee attempted sabotage

Intentional

16

 

June 2010*

Natanz Nuclear Facility

Iran

Stuxnet virus used to destroy centrifuges

Intentional

17, 18, 19

April 2011

Oak Ridge National Laboratory

United States

Data theft via spear-phishing

Intentional

20

September 2011

Areva  

France

Network intrusions

Unknown

21

October 2011*

Iranian Nuclear Program

Iran

Duqu virus used to conduct espionage

Intentional

18

May 2012*

Iranian Nuclear Program

Iran

Flame virus used to conduct espionage

Intentional

18

November 2012

Susquehanna Nuclear Power Plant

United States

Technical failure

Accidental

22

January 2014

Monju Nuclear Power Plant

Japan

Data release

Unknown

23, 24

December 2014

Korea Hydro and Nuclear Power Company

South Korea

Data theft and release

Intentional

4, 25

February 2015

Japanese Nuclear Material Control Center

Japan

Nuclear facility used as relay point in attack

Unknown

26

February 2016*

Nuclear Regulatory Commission/U.S. Department of Energy

United States

Employee attempted to infect government computers with viruses distributed via spear-phishing emails

Intentional

 

27

 

April 2016

Gundremmingen nuclear power plant

Germany

 

Two viruses entered plant’s fuel rod monitoring system

Unknown

28, 29

June 2016*

University of Toyama, Hydrogen Isotope Research Center

Japan

Data theft via spear-phishing

Intentional

30, 31

 

*Indicates date of discovery or public disclosure

[1]        Neumann, Peter, Computer-Related Risks, ACM Press / Addison Wesley, 1995.

[2]        Bartelt, Mark, "Group Questions Software's Reliability after Bruce Accident," Canadian Press, 1 February 1990.

[3]        Forester, Tom and Perry Morrison, Computer Ethics: Cautionary Tales and Ethical Dilemmas in Computing, Massachusetts Institute of Technology, 2001.

[4]        Baylon, Caroline et al., "Cyber Security at Civil Nuclear Facilities: Understanding the Risks," Chatham House.

[5]        "Russian warns of cyber terror against nuclear sites," Nuclear Threat Initiative, 9 November 2006. [Online]. Available: http://www.nti.org/gsn/article/russian-warns-of-cyber-terror-against-nuclear-sites/. [Accessed April 2016].

[6]        Maguire, Kevin, "Guard tries to sabotage nuclear reactor," The Guardian, 9 January 2001. [Online]. Available: http://www.theguardian.com/uk/2001/jan/09/nuclear.world. [Accessed April 2016].

[7]        Pfleeger, Charles P. and Shari Lawrence Pfleeger, Analyzing Computer Security: A Threat/Vulnerability/Countermeasure Approach, Prentice Hall, 2012.

[8]        Kesler, Brent, "The Vulnerability of Nuclear Facilities to Cyber Attack," Strategic Insights, vol. 10, no. 1, pp. 15-25, 2011.

[9]        Markey, Edward J., "EDO Principal Correspondence Control," 03 November 2003. [Online]. Available: http://www.nrc.gov/docs/ML0329/ML032970134.pdf. [Accessed August 2016].

[10]      "RISI Online Incident Database," RISI, 28 January 2015. [Online]. Available: http://www.risidata.com/Database/industry_type/desc/P120. [Accessed April 2016].

[11]      "Nuclear power plant secrets leaked by computer virus, Sophos reports," SophosLabs, 23 June 2005. [Online]. Available: https://www.sophos.com/en-us/press-office/press-releases/2005/06/va_jpnuclear.aspx. [Accessed 2 November 2016].

[12]      U.S. Nuclear Regulatory Commission Office of Nuclear Reactor Regulation, "Effects of Ethernet-based, Non-safety Related Controls on the Safe and Continued Operation of Nuclear Power Stations," NRC, 17 April 2007. [Online]. Available: http://www.nrc.gov/reading-rm/doc-collections/gen-comm/info-notices/2007/in200715.pdf. [Accessed April 2016].

 

[13]      Zetter, Kim, "Mossad Hacked Syrian Official’s Computer Before Bombing Mysterious Facility," Wired, 3 November 2009. [Online]. Available: http://www.wired.com/2009/11/mossad-hack/. [Accessed April 2016].

[14]      Follath, Erich and Holger Stark, "The Story of 'Operation Orchard': How Israel Destroyed Syria's Al Kibar Nuclear Reactor," Spiegel, 2 November 2009. [Online]. Available: http://www.spiegel.de/international/world/the-story-of-operation-orchard-how-israel-destroyed-syria-s-al-kibar-nuclear-reactor-a-658663.html. [Accessed April 2016].

[15]      Krebs, Brian, "Cyber Incident Blamed for Nuclear Power Plant Shutdown," The Washington Post, 5 June 2008. [Online]. Available: http://www.washingtonpost.com/wp-dyn/content/article/2008/06/05/AR2008060501958.html. [Accessed April 2016].

[16]      Poulsen, Kevin, "Ex-Employee Fingered in Texas Power Company Hack," Wired, 29 May 2009. [Online]. Available: http://www.wired.com/2009/05/efh/. [Accessed May 2016].

[17]      Symantec Security Response, "Stuxnet 0.5: The Missing Link," Symantec, 26 February 2013. [Online]. Available: http://www.symantec.com/connect/blogs/stuxnet-05-missing-link. [Accessed April 2016].

[18]      Healey, Jason, A Fierce Domain: Conflict in Cyberspace, 1986 to 2012, CCSA Publication, 2013.

[19]      Albright, David et al., "Stuxnet Malware and Natanz: Update of ISIS December 22, 2010 Report," Institute for Science and International Security, Washington, D.C. , 2011.

[20]      Zetter, Kim, "Top Federal Lab Hacked in Spear-Phishing Attack," Wired, 20 April 2011. [Online]. Available: http://www.wired.com/2011/04/oak-ridge-lab-hack/. [Accessed 5 May 2016].      

[21]      Arène, Véronique, "Le réseau informatique d'Areva piraté," Le Monde Informatique, 30 September 2011. [Online]. Available: http://www.lemondeinformatique.fr/actualites/lire-le-reseau-informatique-d-areva-pirate-42092.html. [Accessed October 2016].

[22]      "Unit 2 at Susquehanna Nuclear Power Plant Returns to Service," PR Newswire, 19 November 2012. [Online]. Available: http://www.prnewswire.com/news-releases/unit-2-at-susquehanna-nuclear-power-plant-returns-to-service-180075671.html. [Accessed April 2016].

[23]      "Monju power plant facility PC infected with virus," Japan Today, 07 January 2014. [Online]. Available: http://www.japantoday.com/category/national/view/monju-power-plant-facility-pc-infected-with-virus. [Accessed April 2016].

[24]      Paganini, Pierluigi, "Malware based attack hit Japanese Monju Nuclear Power Plant," Security Affairs, 10 January 2014. [Online]. Available: http://securityaffairs.co/wordpress/21109/malware/malware-based-attack-hit-japanese-monju-nuclear-power-plant.html. [Accessed April 2016].

[25]      Park, Ju-min and Meeyoung Cho, "South Korea blames North Korea for December hack on nuclear operator," [Online]. Available: http://www.reuters.com/article/us-nuclear-southkorea-northkorea-idUSKBN0MD0GR20150317.

[26]      "Nuclear center waits over a year to report cyber-attack," THE ASAHI SHIMBUN, 19 May 2016. [Online]. Available: http://www.asahi.com/ajw/articles/AJ201605190028.html. [Accessed 19 May 2016].

[27]      "Former U.S. Nuclear Regulatory Commission Employee Pleads Guilty to Attempted Spear-Phishing Cyber-Attack on Department of Energy Computers," U.S. Department of Justice Office of Public Affairs, 2 February 2016. [Online]. Available: https://www.justice.gov/opa/pr/former-us-nuclear-regulatory-commission-employee-pleads-guilty-attempted-spear-phishing-cyber. [Accessed April 2016].

[28]      Gallagher, Sean, "German nuclear plant's fuel rod system swarming with old malware," Ars Technica, 27 April 2016. [Online]. Available: http://arstechnica.com/security/2016/04/german-nuclear-plants-fuel-rod-system-swarming-with-old-malware/. [Accessed November 2016].

[29]      "German nuclear plant infected with computer viruses, operator says," Reuters, 27 April 2016. [Online]. Available: http://www.reuters.com/article/us-nuclearpower-cyber-germany-idUSKCN0XN2OS. [Accessed 27 April 2016].

[30]      Cimpanu, Catalin, "Hackers Steal Research and User Data from Japanese Nuclear Research Lab," Softpedia, 17 October 2016. [Online]. Available: http://news.softpedia.com/news/hackers-steal-research-and-user-data-from-japanese-nuclear-research-lab-509380.shtml#ixzz4NYnWS8hw. [Accessed October 2016].

[31]      "Cyber-attacks 'targeted nuclear lab'," Chicago Tribune, 11 October 2016. [Online]. Available: http://www.chicagotribune.com/sns-wp-japan-cyberattack-49befc78-8fce-11e6-a6a3-d50061aa9fae-20161011-story.html. [Accessed October 2016].