UK nuclear site hacked by Russian, Chinese groups | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Russian and Chinese-linked cyber groups have hacked a major nuclear waste site in the U.K., a year-long investigation by the Guardian revealed on Dec. 4.

Sellafield, on England’s northwest coast, is one of the most hazardous nuclear sites in existence. It has been used to dump nuclear waste from atomic power generation and weapons programs since 1959, turning it into the world’s largest store of plutonium.

Security officials see cyber-attacks by Russia and China on civil infrastructure such as nuclear sites as one of “the biggest threats to the U.K.,” the Guardian said.

Sellafield’s insecure servers resulted in foreign hackers gaining access to high-level confidential material, which could include radioactive waste movements, leak monitoring, and fire checks.

The Guardian reported that emergency planning documents, used in case the U.K. comes under foreign attack, could have also been compromised.

“Sources suggest it is likely foreign hackers have accessed the highest echelons of confidential material at the site.”

Breaches were first discovered in 2015, but “the authorities do not know exactly when the IT systems were first compromised,” the Guardian said. The plant also failed to alert the Office for Nuclear Regulation (ONR) for “several years,” sources told the newspaper.

The scale of the issue was revealed when external staff “found that they could access Sellafield’s servers and reported it to the ONR.”

US: Major Russian cyberattack compromised 632,000 Pentagon, DOJ email addresses

The report issued by the Office of Personnel Management says hackers used flaws in the file-transfer system MOVEit to gain access to wide-ranging sensitive information.

While the ONR “confirmed Sellafield is failing to meet its cyber standards,” the regulator declined to comment on breaches or claims there had been a “cover up.”

Lax security protocols appear to be a broad issue. The Guardian noted that in July 2022, login details and passwords for Sellafield’s IT systems were momentarily shown during an episode of a popular BBC nature series filmed at the site.

Amid the ongoing full-scale invasion, Ukraine frequently reports attempted Russian cyber-attacks and hacks.

Reuters reported in September that Russian hackers were targeting computer systems at law enforcement agencies in Ukraine in an attempt to gather intelligence on war crimes probes.

The National Security and Defense Council warned in February that the number of Russian cyberattacks on Ukraine has almost tripled compared to 2021, targeting logistics, military facilities, government databases, and information resources.

Government appoints new top cyber defense official

The Ukrainian government appointed Yurii Myronenko as the new head of the State Special Communications Service after the previous chief was charged with embezzling public funds, the service announced on Dec. 1.

!function (f, b, e, v, n, t, s) {
if (f.fbq) return; n = f.fbq = function () {
n.callMethod ?
n.callMethod.apply(n, arguments) : n.queue.push(arguments)
if (!f._fbq) f._fbq = n; n.push = n; n.loaded = !0; n.version = ‘2.0’;
n.queue = []; t = b.createElement(e); t.async = !0;
t.src = v; s = b.getElementsByTagName(e)[0];
s.parentNode.insertBefore(t, s)
}(window, document, ‘script’,
fbq(‘init’, ‘3189560391356472’);
fbq(‘track’, ‘PageView’);

window.fbAsyncInit = function () {
appId: 271541601613017,
cookie: true,
xfbml: true,
version: ‘v2.5’

(function (d, s, id) {
let js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); = id;
// @ts-ignore
js.src = “”;
// @ts-ignore
fjs.parentNode.insertBefore(js, fjs);
}(document, ‘script’, ‘facebook-jssdk’));


Click Here For The Original Story From This Source.

National Cyber Security