The Cybersecurity of Nuclear and Radiological Facilities

Abstract

This dissertation assesses the cybersecurity of infrastructure, critical infrastructure, and in particular nuclear facilities and radiological facilities. In recent years there have been numerous cyberattacks on infrastructure and critical infrastructure, perpetrated by terrorist groups, criminals, political activists, and rogue States. As discussed in this dissertation, cyberattacks pose major threats to public health, economic activity, natural environment, and military installations. Cyberattacks on nuclear facilities are also examined in this research study, and case studies regarding Stuxnet attacks on the uranium enrichment facilities in Iran and the reported attack on an Indian nuclear power plant is highlighted. Cyberattacks on Civilian Nuclear Facilities and Nuclear Weapons Systems are specifically discussed in this work, as the consequences of such attacks maybe irreversible. The meltdown of the core of the nuclear power plant, as occurred in Chernobyl and Fukushima power plants, would result in extensive radioactive contamination of the environment, radiological harm to the public, loss of power generation, and economic loss. Equally, malfunctioning of nuclear weapons systems as a result of cyberattack may have devastating consequences. Based on the research conducted in this dissertation, it is concluded that infrastructure, critical infrastructure, nuclear facilities and radiological facilities are highly vulnerable to cyberattacks. Hence, the resilience of these systems needs to be improved. Governments, international organisations, public bodies, corporations and individuals need to assess the risk to their systems, and institute measures to prevent and mitigate cyberattacks. In particular, Radiological facilities based at hospitals, medical centres, research centres and universities could be subject to cyberattacks, resulting in radiation exposure to the public and release of radioactive substances to the natural environment. This research study recommends that the risk of cyberattacks be assessed and policies and practices implemented to enhance resilience of infrastructure and critical infrastructure, with a view to preventing and reducing the likely consequences of such attacks.