Chinese and Russian attacks on critical infrastructure were thrust into attention this week after a newspaper report alleged international hackers had compromised IT systems at a major nuclear site in the U.K.
An investigation by The Guardian stated that computer networks at Sellafield, described by the newspaper as the U.K.'s "most hazardous nuclear site" were breached by groups "closely linked" to Russia and China.
Sources told the newspaper that hacks were detected as early as 2015, and that malware had been "embedded in Sellafield's computer networks."
Sellafield has said it takes "cybersecurity extremely seriously" and that its "systems and servers have multiple layers of protection,"
The discovery refreshes concerns about the vulnerabilities domestic infrastructure faces; only earlier this year, the U.S. State Department saw Microsoft email accounts belonging to its diplomats broken into by what were understood to be Chinese hackers.
What Is Sellafield?
Sellafield is a nuclear waste management site that, according to the U.K.'s Office for Nuclear Regulation (ONR), manages more radioactive waste in one place than any other nuclear facility in the world.
Built over 70 years ago, it manufactured plutonium for nuclear weapons during the Cold War and was a power plant until 2003. It has since become the site for cleaning up the U.K's nuclear legacy. It has also dealt with waste from other European nations.
A 2022 report by The Sunday Times said that its Magnox Swarf Storage Silo, contains "roughly six times more radioactivity than was released by the Chernobyl reactor explosion in 1986."
The ONR states that many of the facilities on the site are aging and new ones are required as its purpose changes from reprocessing to decommissioning nuclear waste.
What Was Discovered?
The Guardian's investigation into cyberattacks at the site is part of a series of reports it has published on Sellafield, which have included claims about a "worsening" leak at the Magnox Swarf Storage Silo.
As previously stated, concerns about the cybersecurity at the site date back eight years following the discovery of "sleeper malware" embedded on its systems.
Sources speaking to The Guardian said that nuclear regulators were not alerted to problems at Sellafield for several years, a decision that is said to have made the task of assessing the extent of data loss or other ongoing risks difficult.
Its report states that it's still not known if the malware has been eradicated from Sellafield. ONR sources told the newspaper that it was put into regulatory "special measures" in 2022 for its failings surrounding cybersecurity, adding allegations that the regulator was planning to prosecute individuals.
The ONR has stated in a response to the story that it had "seen no evidence that Sellafield's systems have been hacked by state actors in the way described in the report," and that while there were areas where "improvements are required" it said there was "no suggestion that this is compromising public safety."
ONR nonetheless confirmed that Sellafield Ltd was "not meeting certain high standards that we require" and it has "placed them under significantly enhanced attention."
It added: "Some specific matters are subject to an ongoing investigation process, so we are unable to comment further at this time"
Newsweek has contacted media representatives for ONR and Sellafield Ltd via email for comment.
The U.K.'s energy secretary, Claire Coutinho, said on Tuesday that she has written to the Nuclear Decommissioning Authority over the "serious and concerning" allegations and asked the matter be given "urgent attention."
Sellafield Ltd said it has "no records or evidence" to suggest networks had been "successfully attacked by state-actors in the way described by the Guardian."
It added that it has a "high degree of confidence that no such malware exists on our system."
Cyberattacks in the U.S.
Whatever the risks described at Sellafield could mean for the U.S, the government has had to address concerns about cybersecurity risks affecting its departments in recent years.
Earlier this year, senators wrote to the U.S. State Department demanding answers after hackers, said to be from China, broke into diplomats' Microsoft email accounts.
Microsoft revealed on July 11 that hackers had "acquired" a master cryptographic key, which allowed them to impersonate almost any user of the company's cloud-based Outlook email and calendar services, meaning they could log on as that person and copy all their email traffic and calendar appointments.
The intrusion, which started mid-May and was discovered a month later, would have allowed Beijing to see into diplomats' planning for a succession of high stakes visits to China in June and July by U.S. cabinet members, including Secretary of State Antony Blinken, Commerce Secretary Gina Raimondo and Treasury Secretary Janet Yellen, according to former officials.
The hack led to questions about Microsoft's relationship with China and whether it creates risks for the U.S. government, which relies heavily on the Redmond, Washington-based tech giant's services and products.
In 2022, Christopher Wray, director of the FBI, revealed that the organization is finding a new case of Chinese intelligence operations every 12 hours. His comments followed a 2021 attack on Microsoft Exchange servers, for which China was condemned by the U.S, NATO and the EU.
Uncommon Knowledge
Newsweek is committed to challenging conventional wisdom and finding connections in the search for common ground.
Newsweek is committed to challenging conventional wisdom and finding connections in the search for common ground.
About the writer
To read how Newsweek uses AI as a newsroom tool, Click here.
