The government of the United Kingdom has issued a acerb worded abnegation of a address that the Sellafield nuclear circuitous has been compromised by malware for years.
The report, actualization in The Guardian, claimed that the arguable circuitous was afraid by "cyber groups carefully affiliated to Russia and China," with the infection detected in 2015 but conceivably present afore that year.
The address claimed that "sleeper malware" was anchored in bearding systems, potentially compromising advice on movement of nuclear abstracts and affairs accompanying to safety.
A UK government statement insists "We accept no annal or affirmation to advance that Sellafield Ltd networks accept been auspiciously attacked by state-actors in the way declared by the Guardian," abacus "Our ecology systems are able-bodied and we accept a aerial amount of aplomb that no such malware exists on our system."
"All of our systems and servers accept assorted layers of protection," reads one of the rebuttal's ammo points. Another adds "Critical networks that accredit us to accomplish cautiously are abandoned from our accepted IT network, acceptation an advance on our IT arrangement would not access these."
The Guardian's address mentioned infections in "IT systems" and malware "embedded in Sellafield's computer networks."
But it is not bright if those systems and networks are isolated, per the government response.
- Aspiration to arrange new UK nuclear reactor every year a 'wish', not a plan
- Infosec boffins accommodated to plan nuke bulb drudge response
- US nuke reactor lab hit by 'gay bristling hackers' ambitious cat-human mutants
- Hacktivists advance Japanese government over Fukushima wastewater release
The rebuttal's advice about the abreast of some of Sellafield's IT acreage is additionally of arguable value, accustomed that the best abominable advance on a nuclear ability – the Stuxnet infection of Iranian accessory plants – is anticipation to accept been agitated out application disposable accumulator accessories to get above air gaps.
Nor does the acknowledgment abode all the issues in the Guardian report, which claimed Sellafield "was aftermost year placed into a anatomy of 'special measures' for connected failings on cyber security, according to sources at the Office for Nuclear Regulation (ONR) and the aegis services."
The ONR has acquaint its own comment on the story, but it does not anon abode the accusation of "special measures."
It does, however, accompaniment that the Office has "been bright that there are areas area improvements are appropriate to accomplish the aerial standards of assurance and aegis we apprehend to see, but there is no advancement that this is compromising accessible safety."
"In affiliation to cyber security, Sellafield Ltd is currently not affair assertive aerial standards that we require, which is why we accept placed them beneath decidedly added attention," the doc adds, ambagious up with account that "Some specific affairs are accountable to an advancing analysis process, so we are clumsy to animadversion added at this time." ®