Director of Industrial Control Systems, SANS Institute
Technical Paper: Mounting an Active Cyber Defense in the Nuclear World
As part of our work to define a
set of overarching priorities for cybersecurity at nuclear facilities, the
Nuclear Threat Initiative commissioned a series of short technical papers to
outline areas that, if focused upon, would dramatically reduce the risk of
damaging cyberattacks in this space. In December 2016, NTI published a
report outlining four of these priorities and recommending first steps for
This paper provides greater
detail on one of those priorities, Mount an Active Defense.
Recent high-profile cyberattacks
have begun to shed light on the risks inherent in our hyper-connected world.
Despite these warning shots, the world remains collectively exposed. The pace
of digitization and the rise of complex, hyper-connected systems increase the
likelihood of more damaging cyberattacks in the future. This presents the
question: how can the benefits of digital technology be unlocked in a
Today’s cyber threats are
increasingly dangerous, and include sophisticated, target-focused attacks. These attacks
often rely upon enduring vulnerabilities such as human behavior and practices.
They can also utilize custom exploits and access gained through supply chain
vulnerabilities, and have proven effective in compromising conventional
cybersecurity defenses. Well-resourced, persistent adversaries can defeat even
the most technologically advanced security solutions, meaning that responses
must extend beyond technology and tools.
At a nuclear facility, such an
attack could compromise sensitive information or manipulate security, safety,
or automation systems, with potentially catastrophic consequences.
Cyberattacks against critical infrastructure now occur with such frequency that
the discovery of remote-control malware in an infrastructure control network no
longer rings alarm bells unless it is specifically targeted to that facility. This cultural
shift to grudging acceptance of inadequate security measures is dangerous as it
is often difficult (if not impossible) to determine the intent behind and full
consequences (intended and unintended) of an attack.
This paper by Michelle Nalabandian, Alexandra Van Dine, and Page Stoutland highlights steps governments can take to protect nuclear facilities from cyber threats.
Report highlights the threat posed to nuclear facilities from cyber-attacks & the lack of adequate legal and institutional protections for such facilities.
This paper provides detail on reducing complexity of digital systems to improve cyber-nuclear security.