Sam Nunn and his people have come up with a new nightmare for you.
Hacked nuclear power plants.
Over the last 15 years, as head of the Washington-based Nuclear Threat Initiative, the former Georgia senator has tasked himself with thinking the unthinkable. It’s become his job to keep you awake at night.
“I think that is my most important assignment in life. But it doesn’t take much creativity to do that in the nuclear field,” Nunn said last week.
The focus of Nunn’s NTI – cable TV mogul Ted Turner is a co-founder – has been on reducing, or at least securing, the world’s stockpiles of fissionable material that unsavory parties could use to make a nuclear weapon.
Every other year, Nunn and his organization have released a report measuring the effort to beat back nuclear proliferation. The latest – the fourth in eight years — was pushed out Thursday, in anticipation of an international gathering on the topic in Washington this spring.
Overall, the corralling of weapons-grade material has plateaued. Nunn blames the icy relationship between the U.S. and Russia. The latter just sent word that it won’t be attending the fourth and final Nuclear Security Summit.
But this year, Nunn and the NTI have added a new threat, and a new worry list, to the portfolio – the sabotaged nuclear power generator. (Take a breath, Georgia Power. Sam’s not pointing his finger at you. Not really.)
So far, the most famous cyberattack on a nuclear facility has been the U.S.-Israeli effort that spanned the Bush and Obama administrations. It was aimed at disabling centrifuges at an Iranian plant.
Combine that with the 2011 Fukushima disaster in Japan, when a tsunami caused a melt-down of the plant’s nuclear core.
“Those both entered into it. We had a realization for some time that this vulnerability was there, and was growing,” Nunn said.
We are familiar enough with nuclear accidents. Before the partial meltdown in Fukushima, there was Three-Mile Island in Pennsylvania in 1979. Then Chernobyl, Ukraine in 1986.
But before Sept. 11, 2001, very few people had conceived of domestic airliners as potential weapons. So we must rethink nuclear plants and their dependence on computer systems linked with the outside world, says Nunn – a supporter of civilian nuclear power generation.
The concern is only likely to grow. The pressure to reduce the use of fossil fuels has sparked renewed interest in nuclear energy around the world – despite its upfront costs.
Access systems could be compromised, the NTI report suggests, allowing thieves inside to wreak havoc or steal nuclear material. Accounting systems could be hacked to hide such thefts. Here’s one for you: “Reactor cooling systems could be deliberately disabled, resulting in a Fukushima-like disaster.”
That’s a super-dirty bomb, with dreadful consequences whichever way the wind blows.
When it came to the sabotage of nuclear power plants (there were other, broader assessments of how nations handle nuclear material), NTI says nearly half the 47 countries it assessed lacked the legal and technical foundation to fight off cyber attacks on their nuclear plants.
There is, of course, the matter of casting your eyes around the world and figuring out where the risks are greatest.
“The way we’ve done it is ask four or five questions, but it boils down to this: Are your nuclear facilities, including power plants and research reactors, required to have cyber protection?” Nunn said. “We concluded it would be valuable to find out just if they’re paying attention to it at all.
“The fact that a country doesn’t have anything in the law or regulation is not conclusive, but the chances are very, very heavy – if you don’t have an independent regulatory commission, if you don’t have any regulations or laws on it, you probably aren’t doing it,” the former senator said.
By now, you and Georgia Power are sweating out the rankings: Finland came in as the most secure, followed by Australia, Canada, the United Kingdom and Japan. The United States and Switzerland tied for sixth.
The bottom six, where risks of a sabotaged nuclear plant were judged the highest, was also an intriguing collection: North Korea, Iran (which has that history), Egypt, Algeria, Morocco – and Israel.
One would think, I said to Nunn, that tightly controlled regimes like North Korea and Iran might be harder places for cyber-sabotage to occur. “That’s entirely possible,” Nunn said. Many of those bottom-ranking nations, including Israel, would offer no information on cyber-security measures they have in place at nuclear power plants.
“We don’t think the absence of transparency ought to be rewarded,” Nunn said. “We don’t think they should be given the benefit of an assumption. ‘Yeah, just trust us.’”
Like we said — eyes wide open. At bedtime tonight, you might add a little something extra to that hot toddy. Otherwise, sleep may be a long time coming.
About the Author
