Sellafield nuclear site compromised by Russian and Chinese hackers

News
By published

Hackers had access to some of the most sensitive information on the Sellafield nuclear networks

Skull and Crossbones
(Image credit: Shutterstock)
Jump to:

The UK Sellafield site has been breached by hackers with links to Russia and China’s governments, the Guardian has revealed.

The site is listed as the UK’s most hazardous, and contains the world’s largest store of plutonium, alongside highly sensitive data relating to nuclear attacks and disasters.

The breach has been traced as far back as 2015 after experts uncovered malware within the Sellafield site’s computer systems.

Cyber Chernobyl?

Originally designed to produce plutonium for nuclear weapons research and production during the Cold War, the site has also seen extensive use for power production, and nuclear fuel reprocessing and waste storage.

The site has over 11,000 staff, and has taken in spent radioactive fuel from a number of other countries for processing. The site is guarded by armed police, but its cyber network is apparently not offered the same level of security, and was last year placed into “special measures” due to its poor cyber security.

Among a number of other failings, it was found that contractors working on the site were able to access the network unsupervised, and workers on an external site could also access the Sellafield network.

Ed Miliband, the shadow secretary of state for energy security and net zero, commented that it was a “very concerning report about one of our most sensitive pieces of energy infrastructure”.

“It raises allegations that must be treated with the utmost seriousness by government. The government has a responsibility to say when it first knew of these allegations, what action it and the regulator took and to provide assurances about the protection of our national security.”

There is currently no information on exactly what information was stolen by the hackers, but Guardian sources suggested that even the most confidential information on the site could have been accessed by hackers.

According to the Office for Nuclear Regulation, it is expected that individuals will be charged for the site’s cybersecurity failings, and there are suggestions that the Sellafield network is so outdated and vulnerable that a brand new network should be built to replace it’s current systems.

More from TechRadar Pro

TOPICS
Benedict Collins
Benedict Collins
Senior Writer, Security

Benedict has been with TechRadar Pro for over two years, and has specialized in writing about cybersecurity, threat intelligence, and B2B security solutions. His coverage explores the critical areas of national security, including state-sponsored threat actors, APT groups, critical infrastructure, and social engineering.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the Centre for Security and Intelligence Studies at the University of Buckingham, providing him with a strong academic foundation for his reporting on geopolitics, threat intelligence, and cyber-warfare.

Prior to his postgraduate studies, Benedict earned a BA in Politics with Journalism, providing him with the skills to translate complex political and security issues into comprehensible copy.