Nuclear Waste Dump Faces Prosecution For Cyber Security Offences

The United Kingdom’s independent nuclear safety regulator announced on 28th March that it will be prosecuting the managing company of the Sellafield nuclear site in Cumbria. The charges include “alleged information technology security offenses during a four year period between 2019 and early 2023.” the Office for Nuclear Regulation (ONR) has said.

Sellafield is Europe’s largest nuclear facility, serving as a testing ground and waste dump since 1947. It houses a massive range of highly radioactive wastes, including 140 tonnes of plutonium, which is a key ingredient for nuclear weapons.

The ONR said recently “The ONR has notified Sellafield Ltd that it will be prosecuted under the Nuclear Industries Security Regulations 2003.”

“These charges relate to alleged information technology security offences during a four year period between 2019 and early 2023... There is no suggestion that public safety has been compromised as a result of these issues,” the ONR said.

Sellafield, which has more than 11,000 staff, was placed into a form of “special measures” for consistent failings on cybersecurity in 2022, according to sources at the ONR and the security services.

This site has the largest global store of plutonium and is a massive nuclear waste dump from weapons and atomic power generation.

Sellafield’s computer servers were deemed so insecure that the problem was nicknamed Voldemort after the Harry Potter villain, according to a government official familiar with the ONR investigation and IT failings at the site, because it was so sensitive and dangerous.

At the time, Sellafield said that “all of our systems and servers have multiple layers of protection”. “Critical networks that enable us to operate safely are isolated from our general IT network, meaning an attack on our IT system would not penetrate these,” it said.

Offic for Nuclear Regulation     |     The Guardian     |     The Record     |     Bit Defender   | Telegraph     |     Mirror   |

BBC     |     No 2 Nuclear Power

Image: Ideogram

You Might Also Read: 

The UK Nuclear Industry Needs To Take Cybersecurity More Seriously:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Amazon Invests $2.75bn In AI Startup
Cambridge University Medical IT System Hacked »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Rackspace Technology

Rackspace Technology

Rackspace Technology is a leading provider of managed services across all major public and private cloud technologies. Secure your IT environments with powerful cloud security solutions and support.

Secure-NOK

Secure-NOK

Secure-NOK provides products and solutions that detect and remove security attacks and harmful events in industrial networks and control systems.

Miratech

Miratech

Miratech is a global IT services and consulting organization offering a full range of IT infrastructure solutions and services including cyber security.

Practical Assurance

Practical Assurance

Practical Assurance helps companies navigate the rough terrain of information security compliance.

Com Laude

Com Laude

Com Laude is a domain name management company that provides strategic consulting to help companies strengthen digital brand, safeguard customers & protect brand IP.

Nisos

Nisos

Nisos provides unrivaled protection of your reputation and assets through the practice of Active Defense.

LBMC

LBMC

LBMC is a professional services solutions provider in accounting and finance, human resources, technology, risk and information security, and wealth advisory services.

TatvaSoft

TatvaSoft

TatvaSoft is a custom software development company delivering business IT solutions and related services to customers across the globe.

Seccuri

Seccuri

Seccuri is a unique global cybersecurity talent tech platform. Use our specialized AI algorithm to grow and improve the cybersecurity workforce.

Upstack

Upstack

UPSTACK - One partner, end-to-end expertise, helping develop the solutions you need – when you need them.

Turk Telekom

Turk Telekom

Turk Telekom is the first integrated telecommunications operator in Turkey.

Ark Technology Consultants

Ark Technology Consultants

Ark Technology Consultants is a unique IT Services Firm which blends technology solutions with consultative insight around governance and process management.

Internet Initiative Japan (IIJ)

Internet Initiative Japan (IIJ)

IIJ is one of Japan's leading Internet-access and comprehensive network solutions providers.

Merlin Ventures

Merlin Ventures

Merlin Ventures is a strategic investor focused on driving growth and value for cybersecurity software companies with market-leading potential.

Interlock

Interlock

Interlock are building blockchain-based security products that solve legacy web2 security issues - phishing and social engineering.

IT.ie

IT.ie

IT.ie are a comprehensive provider of Managed IT Services, Cloud Solutions, Cyber Security, and proactive IT support services.