Nuclear facilities across the world have little or no real security to help protect themselves against cyberattacks, according to new analysis.
The third edition of the Nuclear Threat Initiative’s (NIT) Nuclear Security Index found that close to half the countries assessed by the organization do not have a single requirement in place to protect their nuclear facilities from such attacks.
Worryingly, only nine of the 24 countries with 'weapons-usable nuclear materials' achieved the maximum score for cybersecurity, suggesting that many have underestimated the seriousness of this growing threat.
China, Argentina, Uzbekistan, Bangladesh, Italy, Belgium and Iran were just a few of the countries found to be lacking in adequate levels of security.
This is the first time that the Nuclear Threat Initiative has assessed the cyber-vulnerabilities of the global nuclear security system, which as a whole was found to still have “major gaps”.
“Like all critical infrastructure, nuclear facilities are not immune to cyberattack.”
“Like all critical infrastructure, nuclear facilities are not immune to cyberattacks,” the authors of the report commented.
“That reality is particularly worrisome, however, given the potentially catastrophic consequences of a cyberattack on a nuclear facility.
“Such an attack could facilitate the theft of nuclear materials or an act of sabotage.”
So severe are the consequences of such an attack, that the end result could be a “Fukushima-like disaster”, the paper warned.
The nonprofit, nonpartisan organization urges countries, especially those that are currently most at risk, to consider cyberattacks on nuclear facilitates within their respective national threat assessments.
The findings of the index come on the back of a spate of focused attacks on energy companies in Ukraine, which have once again highlighted the vulnerability of critical infrastructures.
Robert Lipovsky, a senior malware researcher at ESET, has said: “Let’s hope that this unfortunate case in Ukraine will also serve as warning for other organizations worldwide to harden their IT security.”