Slashdot Log In
U.S. Plans to Tighten Nuclear Power Plant Security
Posted by
samzenpus
on Wed Jan 26, 2005 09:27 PM
from the don't-come-in-here dept.
from the don't-come-in-here dept.
CDMA_Demo writes "The 103 nuclear reactors running in USA can voluntarily agree to follow a new 15 page update to a 1996 regulatory guide. The update notes possibility of "unauthorized, undesirable, and unsafe intrusions", and recommends measures aginst such activities. It also recommends such facilities to be cut off from external networks: "Remote access...[that may pose a potential security risk]...should not be implemented". The Slammer worm in 2001 managed to bring down the network at Ohio's David-Besse nuclear plant and concerns kept growing at the United Nations' International Atomic Energy Agency (IAEA)."
This discussion has been archived.
No new comments can be posted.
U.S. Plans to Tighten Nuclear Power Plant Security
|
Log In/Create an Account
| Top
| 248 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Away from External Networks (Score:5, Funny)
(http://www.python.org/)
Volunteering... (Score:5, Insightful)
(http://www.dilvie.com/ | Last Journal: Tuesday March 08 2005, @08:18PM)
Re:Volunteering... (Score:5, Informative)
An anecdote. (Score:5, Interesting)
(http://slashdot.org/)
Delta Force operators come on an occasional announced, i.e. they know they're coming, basis to try to infiltrate. Supposedly they have succeeded every time.
You gotta be kidding me. (Score:5, Funny)
(http://www.fantasticdamage.com/)
Remember to always question policy this way: WWJBD? What Would Jack Bauer Do?
That is all.
* Yes I know, it's TV.
Wouldn't you think... (Score:4, Insightful)
(Last Journal: Sunday December 03 2006, @11:20PM)
That MAYBE, they would've done this, oh I don't know, say in October of 2001?
But silly me, what do I know about national security. Here I still think it's better to make less enemies than more.
Re:Wouldn't you think... (Score:4, Insightful)
Exactly. You know nothing of national security.
You see, what you are supposed to do is piss off most of the world, and when they start coming after you, ignore it. After you've been hit a couple times, declare your patriotism and implement strict new laws which ironically only limit the legal citizens in your country. Then to top it off, you enact a few meaningless laws which limit people's mobility but makes the dumbest 51% of the population feel more secure.
After that, declare the war "won" and go about your way. It's time to piss off more countries my friend...
Monday Night on Fox (Score:2)
(http://www.everythin...x.pl?node_id=1188435)
And this, just in time to coincide with a current plot point / terrorist threat in 24 [fox.com]!
Don't get any big ideas, the government has got us covered.
I'd like to say (Score:2)
(http://ellem.is-a-geek.org:5280/...html | Last Journal: Tuesday October 02, @10:35AM)
Slammer? (Score:5, Insightful)
(http://www.foobarsoft.com/)
That would be common sense, wouldn't it? I'm not trained in network security, but why would controll systems need to be connected to the 'net?
PS: I'm ignoring the obvious "Why are you running Windows and not some ultra-hard OpenBSD or RTOS or something".
Re:Slammer? (Score:5, Insightful)
(https://addons.mozil...&application=firefox)
They aren't. Just like the critical systems for life support aren't. Just like the Ballistic Missile Early Warning System isn't. There are, however, obviously people at the DOD, hospitals, and even nuclear power plants who do the same kind of tedious work done in other places (spreadsheets, memos, powerpoint presentations) and THEIR computers are often connected to the internet. Honestly, I understand why the media likes to make it sound liike the power plant control system crashed because of a virus, but I don't understand why so many people swallow the intimations of the inflamatory headlines.
Windows + Nuclear Reactor = Scarey (Score:1)
Re:Windows + Nuclear Reactor = Scarey (Score:4, Funny)
You can't say nuclear That really scares me Sometimes a brain can Come in quite handy.
Well, yeah. (Score:2)
(http://taltos.pha.jhu.edu/~tamas/)
Slightly offtopic but .. (Score:1)
So despite all this potential for generating more than enough energy for decades to come... why bother resorting to all kind of foreign policy antics to obtain the tradional heavily polluting energy sources ?
Re:Slightly offtopic but .. (Score:4, Informative)
My home state of Maine became the site of the first complete decomissioning of a large commercial reactor. The plant became operational in '72 ( and it had to survive a referendum to close it in '80, '82, and '87). In '95 it was shutdown many months for repairs and they discovered cracks in the steam generator tubes. The plant opened back up for less than a year I believe, they evaluated the cost to refit the plant and they decided they would have a hard time making back the investment in refitting the plant, so they shut it down permanently. They had originally intended to operate the plant at least until 2020 or 2030. Part of the huge cost was the fact that they need to store the waste onsite. Now all that is left of the plant is a semi-permanent high-level waste storage facility on a few acre footprint. Several hundred acres of the plants land are already being developed on. Several hundred more are a peninsula where the waste storage is located and the gated access make it less attractive for commercial development.
Bush wants to have a new reactor running in the US in the next 10 years. This will be the first approved since '79 and the first to come online since the mid 90's.
The conversation that started it all... (Score:5, Funny)
(http://asskick.cjb.net)
Wife: It's a good thing the real nuclear power plants don't allow remote access! Man what fanciful terror alert situation will those 24 writers think of next?
Official: Uh...
Re:The conversation that started it all... (Score:4, Interesting)
OMFG, one of our reactors is MISSING!!!!
External Networks? (Score:3, Insightful)
(http://thepeopleseason.livejournal.com/ | Last Journal: Friday August 11 2006, @02:09PM)
Umm, why the hell would a self-contained/self-sustaining system need to be connected to an external network in the first place?
Sorry, you work at a Nuclear Power Plant? Check your frelling AOL/Yahoo/Hotmail e-mail on your own damn computer, on your own damn time.
Oh well... (Score:2, Interesting)
(http://shortcircuit.us/ | Last Journal: Sunday October 14, @02:01AM)
Looks like that kind of educational oppertunity won't be happening as frequently, now. IIRC, that was the first tour they'd given since the plant was opened. That gives you a sense of perspective as to how common such oppertunities are.
Though other plants may perhaps hold more frequent tours, I doubt few outsiders will get to see the turbines and dynamos of an operational plant.
Re:Oh well... (Score:4, Interesting)
(http://harry.blogdns.com/)
Pretty freaking cool, imo.
let me just say.. (Score:1)
Sucks for Homer (Score:4, Funny)
15 pages in 4 years = ~4 pages per year (Score:2, Interesting)
Windows and Nuclear?? (Score:2, Funny)
A little typo (Score:2)
(http://www.unity08.com/)
Retaliation? (Score:2)
(http://slashdot.org/)
You can feel safe (Score:2)
(Last Journal: Thursday August 26 2004, @08:32AM)
It's like they were planning to find weapons of mass destruction in Iraq, or they were trying to catch Osama Bin Laden in Afghanistan. Another example of ineffectivity and paralyzed work, three years after a serious security incident...
Weakest Link (Score:2, Insightful)
(http://192.168.1.1/ | Last Journal: Wednesday August 16 2006, @09:57PM)
1) All US international shipping ports: plenty of room for trouble there (the Sum of All Fears, anyone?)
2) Water/Sewage treatment plants: one of the best ways to spread pathogens (or scare a whole lot or ppl)
3) Major Power line junctions to help prevent another power outage like the one we had thew hit most of the Northeast in 2003 (thanks, Ohio!)
4) the Coast Guard.
Nukes catch poeple's attention and imagination, but there's penty of room for trouble elsewhere that is just as potentially damadging.
my 2 cents.
This is not a suprise after latest net nuke attack (Score:5, Funny)
(http://www.deftracing.com/)
This all in an attempt to use a remote control system developed for nuclear installations in case of a radiation leak or disaster.
It's no suprise... not like there wasn't a nuke detonated in the desert all those years ago. About time they wake up.
Infection (Score:3, Funny)
(http://www.fuzzums.nl/)
In other news (Score:3, Funny)
The Only Concerns at IAEA (Score:2)
are that Bush still wants to get rid of ElBaradei in order to pull off another pile of bullshit about Iran's "WMDs".
Fortunately the rest of the world - including the "Bush poodle" Blair - aren't going along with it.
Let's hope it wasn't Java in 2001 (Score:1)
(http://narnia.dnsalias.org/gnue/)
(Sorry for lowercase. Slashdot rejects original capitalization as "lameness" and "yelling.")
Easier the first time around (Score:2)
I don't much care if a local gun store is built like Fort Nox. I do expect nuclear facilities, chemical, explosive, and military facilities to be though - considering the larger number of population at threat.
I think TFA is slashdotted now and I can't get it. However, why not build more rigourous National secuirty standards before the plants are builts (again, I suspect they are, but given the lives at stake
Also, why so long after 9/11? Is it just to cover the threat flavour of the month or does it take 4 years of oversight of the overseers to see what is missing?
Remote access (Score:1)
(http://narnia.dnsalias.org/gnue/)
Windows + Bypassed Firewall = don't connect it ?? (Score:1)
To me, the lesson to be learned would be that you do not completely bypass a firewall for windows' boxes doing critical work.
The govt. suggests completely cutting them off from the outside world?? Why not instead suggest that they enforce the firewall, and perhaps consider other OSes?
Even with no external network connection, I'd think they'd still have an internal LAN, yes? One infected usb-key or floppy could then have the same outcome?
I worked at a Nuclear Power Plant (Score:5, Informative)
I even worked in IT. Here is how it works (at least at the one I worked at): all of the software that actually runs the plant is over 25 years old (and therefore does not run Windows). It runs some obscure custom shit, not that obscurity is efficient at security, but I guess it kinda helps. Yes, the computers used by the Secretaries, the Maintenance staff, the Managers, etc. all run Windows. The servers ran Red Had 7.3. This is all fluff. If this breaks or gets corrupted one of two things happens to the reactor: 1. Nothing or 2. Nothing. There are two ways the the system is electrically connected to the outside world, and both of them are through high voltage power lines, which cannot really be used to send data in to break things. If you want to break something, you need to physically be there to do it.
If you work in a nuclear power plant, you are going to continue to do everything you can think of to make it even harder for someone to sabotage the place. Physically, this includes multiple walls, gates, barricades, guns, and more to protect the containments. From a procedural standpoint, this means anyone who wants to get on-site gets ran through a database to check your history, after getting an employee escort. Anyone who wants to get into the protected area gets personally approved after a more in depth background check, and a heck of a lot of red tape.
If you are just Joe Public (no offense), you have a much higher chance of dying in a car accident so I wouldn't worry about this.
And No, I didn't RTFA, but I figured as long as my comment was more useful than the rest of them (read: references to 24), I figured this comment would be helpful.
physical security? (Score:3, Informative)
(Last Journal: Wednesday May 05 2004, @01:25PM)
This is anecdotal, but minorly noteworthy - My mom used to work for the company that owned and operated Three Mile Island - the (physical) security was intense: the perimeter was ringed by towers manned by security offers with rifles and a 'no warning shot' policy - you approached the perimeter from an undesignated direction and you got shot, period.
I still have one of the security force's hats, says "TMI Rapid Response Team" and has a crosshairs in the middle.
Triv
Hey, you- what are you doing?!! (Score:3, Funny)
24 (Score:1)
David-Besse (Score:1)
D'oh (Score:1)
(Last Journal: Wednesday February 15 2006, @01:31PM)
NRC's comments (Score:1)
This hardware is ancient, hardwired, and low tech. Suppliers are most likely limited to GE, Westinghouse and Combustion Engineering.
The side benefit is that the engineers would have to get out of their chairs and go walk their systems down. If they didn't get lost...those plants are huge.
Security at nuclear power plants??? (Score:1)
Ya' think?!
I hate to bring out a sticky point but.... (Score:1)
God help us because the nation is run by total mindless clusterfucks and assclowns! Glad that at least I didn't vote for them, at least. Just a different bunch of nimrods and dipshits, that's all. (end of rant)
Don't forget physical access. (Score:1)
(http://www.positech.co.uk/)
The total physical security to prevent this (peaceful) demonstration was 2 blokes with helmets and no guns whatsoever. (this is in the UK). This was in borad daylight, and as we entered the site, someone walked into the reception building and told them.
This was a peaceful demo.
If we had been terrorists, at night with knives or silenced pistols, we would have been in the control room with a backpack full of semtex within 10 minutes.
There is ZERO security around UK nuclear facilities. Even after our demo and they said they'd beef security, greenpeace did a similar demo at the SAME SITE a month later and got in again no problem.
Easy fix! (Score:1)
Imagine the look on the terrorists faces after they attack a "nucuuler plant" that turns out to be a fake cooling tower over the local Waffle House.
Hash browns!
Asimov's warning comes true (Score:2)
(http://www.45.free.net/~vitus/ice | Last Journal: Friday July 09 2004, @02:12AM)
Idea to cut the nuclear plants from external networks looks quite simular.
Circumstances (Score:1)
(http://www.pt171.org/)
Shit, It's harder for terrorists to get nukes? (Score:1)
Re:Sneaking out with rods (Score:4, Informative)
(Last Journal: Sunday December 03 2006, @11:20PM)
Please google for the string "dirty bomb".
Re:Sneaking out with rods-ROLFLOL!! (Score:5, Interesting)
1. Terrorists storm a reactor and try to steal uranium or plutonium to make bombs.
Not likely. Assuming attackers could shoot their way past the beefed-up phalanx of armed guards, traffic barriers and guard towers that now surround every nuclear plant, they'd still have to fight their way into the reactor building through multiple levels of remote-activated blast doors--where access requires the right key card and palm print--to get to the spent-fuel pond, says Michael Wallace, president of Constellation Energy's generation group, which operates five nuclear reactors. The pond is where highly radioactive used fuel sits in 14-foot-long stainless steel assemblies cooling under 40 feet of water. Terrorists couldn't just grab this stuff and run because, unshielded, it gives off a lethal dose of radiation in less than a minute. To avoid exposure, terrorists would have to force workers to use a giant crane inside the reactor to load the assemblies into huge transfer casks, then open the mammoth doors of the reactor building and use another crane to lift the cask onto a waiting truck--all the while being shot at by the National Guard.
And While we are at it, How about crashing a plane into the reactor?
2. Terrorists crash a plane into a reactor, leading to overheating and a meltdown.
Even less likely. Assume that terrorists could get past tightened airport security and fight off passengers to get through new, improved cockpit doors and take control of a plane. Even then they'd have to crash the jet directly into a reactor to have any chance of breaking containment. In 2002 the Electric Power Research Institute performed a $1 million computer simulation to assess such a risk. Conclusion: A direct hit from a 450,000-pound Boeing 767 flying low to the ground at 350mph would ruin a plant's ability to make electricity but not break the reactor's cement shield. Reason: A reactor, smaller in profile than the Pentagon or World Trade Center, would not absorb the full force of the plane's impact. And, for all the force behind it, a plane, built of aluminum and titanium, has far less mass than the 20-foot-thick steel-and-concrete sarcophagus enclosing a nuclear reactor. It would be like dropping a watermelon on a fire hydrant from 100 feet.
Subscription required: Stopping the Bad Guys [forbes.com]