Nuclear Waste Dump Faces Prosecution For Cyber Security Offences

Uploaded on 2024-04-04 in BUSINESS-Production-Energy, BUSINESS-Services-Law, FREE TO VIEW

The United Kingdom’s independent nuclear safety regulator announced on 28th March that it will be prosecuting the managing company of the Sellafield nuclear site in Cumbria. The charges include “alleged information technology security offenses during a four year period between 2019 and early 2023.” the Office for Nuclear Regulation (ONR) has said.

Sellafield is Europe’s largest nuclear facility, serving as a testing ground and waste dump since 1947. It houses a massive range of highly radioactive wastes, including 140 tonnes of plutonium, which is a key ingredient for nuclear weapons.

The ONR said recently “The ONR has notified Sellafield Ltd that it will be prosecuted under the Nuclear Industries Security Regulations 2003.”

“These charges relate to alleged information technology security offences during a four year period between 2019 and early 2023... There is no suggestion that public safety has been compromised as a result of these issues,” the ONR said.

Sellafield, which has more than 11,000 staff, was placed into a form of “special measures” for consistent failings on cybersecurity in 2022, according to sources at the ONR and the security services.

This site has the largest global store of plutonium and is a massive nuclear waste dump from weapons and atomic power generation.

Sellafield’s computer servers were deemed so insecure that the problem was nicknamed Voldemort after the Harry Potter villain, according to a government official familiar with the ONR investigation and IT failings at the site, because it was so sensitive and dangerous.

At the time, Sellafield said that “all of our systems and servers have multiple layers of protection”. “Critical networks that enable us to operate safely are isolated from our general IT network, meaning an attack on our IT system would not penetrate these,” it said.

Offic for Nuclear Regulation     |     The Guardian     |     The Record     |     Bit Defender   | Telegraph     |     Mirror   |

BBC     |     No 2 Nuclear Power

Image: Ideogram

You Might Also Read: 

The UK Nuclear Industry Needs To Take Cybersecurity More Seriously:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Amazon Invests $2.75bn In AI Startup
Cambridge University Medical IT System Hacked »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

HDI

HDI

HDI is the worldwide professional association and certification body for the technical service and support industry.

National Institute of Standards & Technology (NIST)

National Institute of Standards & Technology (NIST)

NIST is a measurement standards laboratory, and a non-regulatory agency of the United States Department of Commerce. Areas covered include IT and cybersecurity.

SANS CyberStart

SANS CyberStart

SANS CyberStart is a unique and innovative suite of tools and games designed to introduce children and young adults to the field of cyber security.

A-LIGN

A-LIGN

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to mitigate cybersecurity risks.

RATEL (SRB-CERT)

RATEL (SRB-CERT)

RATEL has been appointed as the National Center for the Prevention of Security Risks in ICT systems of the Republic of Serbia (SRB-CERT).

CyberFortress

CyberFortress

CyberFortress is an insuretech startup offering a new kind of online business interruption policy designed for small business.

IP2Location

IP2Location

IP2Location provide services to identify geolocation by IP address, and to detect IP addresses associated with anonymous proxy servers, which are often used for fraud and spamming purposes.

Enzoic

Enzoic

Enzoic is an enterprise-focused cybersecurity company committed to preventing account takeover and fraud through compromised credential detection.

Guardio

Guardio

Guardio develop tools and products to combat modern web and browser threats.

Scholarly Networks Security Initiative (SNSI)

Scholarly Networks Security Initiative (SNSI)

SNSI brings together publishers and institutions to solve cyber-challenges threatening the integrity of the scientific record, scholarly systems and the safety of personal data.

Xoriant

Xoriant

Xoriant is a technology leader and execution partner throughout the Build, Run and Transform lifecycle for companies that create and use technology products.

Gomboc.ai

Gomboc.ai

Gomboc solve cloud infrastructure security policy deviations by providing tailored remediations to the IaC (Infrastructure as Code).

Dropzone AI

Dropzone AI

Dropzone AI are creating a generational leap in SecOps by using AI to automate cyber expertise and tooling.

Cyber and Fraud Centre – Scotland

Cyber and Fraud Centre – Scotland

The Cyber and Fraud Centre – Scotland exists to ensure Scottish organisations are as resilient as they can be against cyber and fraud crime.

Nihka Technology Group

Nihka Technology Group

Nihka offers full end-to-end ICT solutions from business optimisation, data centre modernisation, cloud connection and management, and ICT security.

WillCo Tech

WillCo Tech

WillCo Tech works to enhance national security and force readiness for military and commercial enterprises with a suite of software capabilities surrounding the human element of cybersecurity.