It could allow terrorists to traffic nuclear material past radiation monitoring devices at air and sea ports by raising the radiation threshold that authorities’ machines scan for.
An attacker could also falsify readings to hide a radiation leak or even falsely set off the alarm to make authorities believe one was taking place.
Alongside another attack – such as the Stuxnet computer worm which destroyed a fifth of Iran’s nuclear centrifuges in 2010 – the vulnerabilities could be exploited to increase the time it takes to detect an attack against a nuclear facility.
The energy sector is a regular target for hackers, with the UK’s National Cyber Security Centre (NCSC) warning that attackers have compromised organisations connected to the power grid.
There are 15 operational nuclear reactors at seven nuclear power plants in the UK……..
“Failed evacuations, concealed persistent attacks and stealth man-in-the-middle attacks are just a few of the risks I flagged in my research,” said Ruben Santamarta, the principal security consultant at US cybersecurity firm IOActive, which was behind the research.
Mr Santamarta’s team found the vulnerabilities by analysing the software binaries and devices used by several popular sellers of radiation monitoring equipment, and announced their findings at the Black Hat USA conference in Nevada.
Mr Santamarta said: “Being able to properly and accurately detect radiation levels, is imperative in preventing harm to those at or near nuclear plants and other critical facilities, as well as for ensuring radioactive materials are not smuggled across borders.”….http://news.sky.com/story/security-flaws-leave-nuclear-plants-at-risk-10961383
nuclear-news 
Leave a comment