Cybersecurity is a topic covered frequently in the pages of POWER magazine, and one that all power plants need to take seriously. A recent simulation proved that the consequences of a hack can be grave.

The drill took place in Sweden, but could have been conducted anywhere in the world. The attack used plant control systems against themselves to flood a cooling system, showing that hacking of computer systems can lead to physical plant damage.

Some experts, including Robert M. Lee, founder of cybersecurity firm Dragos, believe cyber incidents go underreported in the nuclear sector. The reason is that the Nuclear Regulatory Commission only requires the reporting of incidents that affect the safety, security functions, or emergency preparedness of the plant.

Although air-gapping systems, that is, keeping them disconnected from the internet, offers some protection, it is not the complete answer. Viruses, such as Stuxnet, have proven that systems can be infiltrated using USB drives, contractor laptops, or through a host of other seemingly innocuous methods.…

Read More »