South Korea Says Nuclear Reactors Safe After Cyberattacks 54
wiredmikey writes South Korea on Thursday ruled out the possibility that recent cyber-attacks on nuclear power operator Korea Hydro and Nuclear Power Co (KHNP) could cause a malfunction at any of the country's 23 atomic reactors. Earlier this week, South Korea heightened security in the wake of the leaks, with the defense ministry's cyber warfare unit increasing its watch-level against attacks from North Korean and other hackers. On Monday, KHNP launched a two-day drill, testing its ability to thwart a cyber attack.
Re: Let's just cover the earth with nuclear reacto (Score:1)
Or we could just make sure the reactors we have are not connected to the Internet.
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
I'd back the former as more secure versus the latter just about everywhere, probably even in the USA given some massive fuckups in defence industry electronics at times.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Haven't you heard? We've always been at war with East Asia.
Re: (Score:2)
I'm pretty sure you don't understand what the Republican platform really is.
1. Find out what the Democrats want to do.
2. Denounce and oppose it.
Re: (Score:2)
Correction
1: Find out what the Democrats want to do
2: Do the same
Well, yeah, but not before denouncing it.
Re: (Score:2)
You mean like the U.S.'s domestic oil production that Bush couldn't pursue because environmentalists couldn't bear the impact it would have on their cause?
Oh wait, somehow it's OK now because their own guy is in office?
If you were paying attention, these Environmental Strawmen you are railing against are just as pissed at th e current occupant as they were at President Cheney.
Re: (Score:1)
Lets be real. Seoul has more conventional weaponry pointed at it than any city in the world. DPRK doesn't need nukes to turn their southern neighbor's most famous and most important city into a crater.
Realistically, no US President will overtly do a thing about North Korea. It has served China as a distraction and a buffer zone, and China ultimately will step in and claim NK as under their protection, sending in PLA troops like the USSR sent in Russian tanks if one of their puppets ran into trouble.
Howev
Here's a brilliant idea... (Score:5, Insightful)
Lets just air-gap those systems -- unless someone can explain why we need to make a nuclear reactor accessible from the Internet.
Re: (Score:2)
Lets just air-gap those systems -- unless someone can explain why we need to make a nuclear reactor accessible from the Internet.
So the bean counters and shareholders can check up on them and make sure they are serving them in the cheapest and most profitible way possible?
Then later the IOTs can control your refrigerator and stove for maximum efficiency.
Re: (Score:3)
Lets just air-gap those systems -- unless someone can explain why we need to make a nuclear reactor accessible from the Internet.
Most are airgapped. But with cellphones and cell enabled laptops you suddenly have new weak points you didn't used to have to worry about.
Re: (Score:2)
A jumper in the wrong place or an ice-cube relay being removed can ultimately have similar effects. Ban fingers too?
A properly designed system has one set of PLCs for primary control, and a separate one as a supervisory system to ensure basic functionality always is online. The secondary system wouldn't control pump speed, but it would ensure coolant is flowing of the system is on.
It would be relatively easy to keep a nuclear power plant from operating at peak efficiency, but unless IKEA or WalMart have s
Re: (Score:3)
An air gap can't protect against the idiot operator who plugs in his USB stick to watch a movie in the middle of the night out of boredom.
Re: (Score:1)
Re: (Score:3)
And when something in the control system needs to be updated to handle a new piece of equipment, what are you going to do...?
Stuxnet has proven air-gaps are not invulnerable - and it used multiple vulnerabilities. It existed on a PC that was infected and merely infected a USB drive that was plugged in which then was plugged into a control PC used to reload PLCs.
Of course, that control computer was vulnerable because being
Re: (Score:1)
I'd be more concerned with a Stuxnet type of attack.
WHY? (Score:1)
I don't get why these critical assets are hooked to the internet. Surely that isn't possibly true? You'd think any sane system would have them on their own network sealed off from any possible outside connection. Why do they need internet access? To browse facebook? Porn?
Re: (Score:1)
Of course not. The Facebook, porn, and shopping, for the most part. Oh, and cat videos.
Re: (Score:2)
Of course not. The Facebook, porn, and shopping, for the most part. Oh, and cat videos.
Plus, nothing ever got done before the intertoobz. It was impossible.
Re: (Score:3)
Most currently active reactors were designed, built and certified in the sixties and seventies. All systems in those plants are 60's or 70's electronics. Most won't even have something as modern as a pdp-8 to control stuff. Go watch the China Syndrome if you need a reminder.
Interfacing 40 year old control electronics to modern computers is more than a 'airgap'. It's more like your kid trying to explain GTA4 to a stone age caveman without a computer present.
Re:WHY? (Score:5, Informative)
Most currently active reactors were designed, built and certified in the sixties and seventies. All systems in those plants are 60's or 70's electronics. Most won't even have something as modern as a pdp-8 to control stuff. Go watch the China Syndrome if you need a reminder.
Having worked in the field, I need to call bullshit on this. Umm, yeah, the China Syndrome was fiction . And yes, while many active reactors were designed, built, and initially certified (FTFW) in the 60's and 70's, they have all undertaken numerous upgrades and safety improvements since.
Hollywood and Reality are two different things (hard to tell in the U.S., but it's true!). Nuclear operators have to work very damned hard and jump through a lot of hoops to demonstrate that their plants are safe to operate. Dealing with FUD dispensed by people who think they know it all because they watched it in a movie is the reason nuclear power is so expensive relative to other alternatives. But you can spout your ignorance some more if you would like; it's a free country I'm told.
Re: (Score:2)
Well since you are familiar with this stuff maybe you can inform us a little. Are these things really vulnerable to hacking? I mean over a network of course, anything can be hacked if you have physical access.
Re:WHY? (Score:5, Informative)
I'm not worried about some internet group getting into the systems remotely. A Stuxnet-type attack is definitely possible, but smart protocols (no unauthorized electronics, thumb drives, etc. on site) will make this very hard. Someone will eventually goof up, but even then there are so many overrides that executing a safe shutdown is possible even if the control systems are hacked.
I think a physical on-site attack is far more probable and worrisome (terrorists with guns taking control of a plant). There is a lot of security around U.S. plants these days, but a whole lot of complacency has built up since 9/11 and a few thousand days of nothing happening takes a toll. 20 well-armed jihadis ready to give their all for Allah and their 72 virgins could probably get into a plant. What they could do from there, who knows. Simply getting into a containment and draining a reactor pool would be pretty bad if there was a significant amount of fuel stored (which is the case in a lot of old plants) but containable. They would have to figure out how to shut down and/or disable a lot of safety controls to do anything serious. The plant itself would fight them pretty hard. If they got physical access to the containment and tried to blow up stuff, could be bad but likely containable. PWRs have systems to cope with large break loss-of-coolant accidents, which is pretty much a massive steam explosion and loss of core cooling, as bad as things get.
I honestly don't think terrorists could do anything that would cause anything worse than contained damage and contamination, nothing that would harm the neighbors. However, given the FUD already circulating about nuclear power (yeah, I'm looking at you Mr. Burne) I think it would be enough for them to just take the plant and then sit around drinking coffee. Even if they did no damage at all to the plant, got mowed down by the good guys in 10 minutes, the simple act would have the world shitting bricks. And that is what terrorism is all about, stirring up unaccountable fear.
Re: (Score:2)
Wtf stupid phone doesn't let me paste the link, but Google will find it to.
Re: (Score:3)
Re: (Score:2)
I don't get why these critical assets are hooked to the internet.
They aren't. Of course, one might assume they are based on the article's title.
ok... THIS time (Score:2)
there is always a next time for hackers, and they learn each time they get in. moral: disconnect from the web. VT102 terminals would make a dandy airgap, but they won't run the manglement crap.
Heads in the sand, anyone? (Score:1)
Coming after the Stuxnet experience and the recent hack of a steel mill in Germany, which forced an emergency shutdown of the furnace, with 'heavy damage', the complacent assertion that no cyber attack could cause a reactor malfunction just seems witless. Of course these reactors are susceptible to getting hacked, the main obstacle is the relative obscurity of the control systems and the reality that there are multiple different designs in service, so that a wide ranging attack is very complicated. By the s
Re: (Score:3)
Software changes to systems very infrequent, so even if me
happy new year sms (Score:1)