17 Jul 2017 Nuclear Cyber Compromise – Not On Our Watch
Recent reports of cyber attacks on U.S. nuclear reactors have brought upon public doubt on the strength of cyber protections at nuclear power plants. The response from nuclear plants has resoundingly been “no need to panic, nothing to see here,” but other pundits are saying “I’m not sure I believe that.” Looking between these narratives, what should the public believe?
Here is the background – judge for yourself
In 2008, Waterfall Security Solutions completed the first deployment of a Unidirectional Security Gateway at a nuclear power plant in the United States. Unidirectional Gateways are used routinely instead of firewalls for connecting SCADA and industrial control system (ICS) networks to less-trustworthy networks, such as IT networks and the Internet. Waterfall’s gateways provide business networks with real-time access to industrial network data, without risk to industrial networks, as there is physically no way to communicate any signal, message or attack from an IT network, or the Internet, back into a nuclear ICS network through the gateways.
Regulations are key
The results of Waterfall’s 2008 installation, and of Idaho National Labs’ successful 2009 cybersecurity assessment for the Department of Homeland Security, were discussed widely within the U.S. nuclear power industry. Within two years, the Nuclear Energy Institute (NEI) had issued guidance on the topic, and the Nuclear Regulatory Commission (NRC) had issued new cyber security regulations. Both gave operators the choice of connecting nuclear safety and control networks to less trustworthy networks, either with firewalls or with Unidirectional Gateways. Unidirectional Gateways’ deployments had a dramatically smaller set of additional requirements, protections, and related procedures and processes. This is because sites secured by Unidirectional Gateways are free from the risks of remote control attacks, online malware propagation and related threats.
At this writing, the majority of U.S. nuclear generators are protected by Waterfall’s Unidirectional Gateways.
We are not an island
Of course, there are other attack paths into control system networks, such as malware on USB drives and compromised laptops. Rest assured that Unidirectional Gateways are not the only protection deployed at American nuclear sites. The NRC regulations are exacting. Removable media of all types are strictly controlled, as are laptops and every other type of device.
So, to a public who may be skeptical of the strength of cyber-security programs at U.S. nuclear generators, I say ‘rest easy’ about cyberattacks from external networks penetrating the control system of a nuclear plant. It is right to be skeptical of IT-style network defenses, but U.S. facilities have physical protections for cyber security, not just IT-class software protections.
Other countries and industries are closing the gap
The U.K., Spain, France and Canada also have strong nuclear security regulations requiring unidirectional protection. Nuclear generators in some other countries are still “air gapped,” which is good for security but increases costs, because such plants cannot update business applications with real-time production information. Increasingly, other industries world-wide are also moving towards protection of their ICS networks with Unidirectional Security Gateways. This includes conventional power plants, railway switching systems, water systems, offshore platforms, refineries and more.
Our goal at Waterfall is to deploy Unidirectional Security Gateways and related protections at all industrial sites, globally. We are working towards the day when every report of yet another “new, advanced, sophisticated attack” is met with only yawns at industrial sites.