The News That Matters about the Nuclear Industry Fukushima Chernobyl Mayak Three Mile Island Atomic Testing Radiation Isotope

Nuclear center waits over a year to report cyber-attack

Computer hackers infiltrated a server installed at a facility that oversees handling of plutonium and other nuclear materials, but the breach was not reported for over a year because officials thought it wasn’t serious.

The government-affiliated Nuclear Material Control Center acknowledged on May 18 that the server at one of its facilities in Tokai, Ibaraki Prefecture, was used as a relay point in a cyber-attack in February last year.

Under the law on regulation of nuclear source material, nuclear fuel material and reactors, such security breaches must be reported to authorities. The Tokyo-based center failed to immediately notify the Nuclear Regulation Authority about what had happened.

“We didn’t even think to make a report because we failed to recognize the fact that the attack was something serious,” said Yasuhiro Yokota, a director of the organization.

No data at the facility was compromised.

On Feb. 19, 2015, an outside information security firm notified the center, “Your server is being used as a relay point in a cyber-attack that is sending high volumes of data to an outside target.”

The center changed the settings on its server the following day to prevent further infiltration attempts. The security company did not reveal the target of the cyber-attack.

Center officials apparently learned they were required to report the breach to the NRA when they were investigating a separate computer-related incident in September 2015. A computer used by a center employee had made unauthorized access to an outside server.

The center failed to notify the NRA about this incident as well, and only announced it in January.

May 19, 2016 Posted by | Japan | , , | Leave a comment