French nuke biz slapped in mystery cyberattack

Blame Canada China North Korea oh, who knows

By John Leyden, 1st November 2011

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

French nuclear power group Areva may have fallen victim to an operating system-level electronic attack, which was first detected in September.

Conflicting French media reports suggest hackers had access to Areva’s network as far back as two years (Slate France, here) or that the problem only affected "non-critical" data and systems (France Info, here). French business mag L’Expansion reports the hack affected Areva's operations outside France and blamed Asian (read Chinese or North Korean) hackers for the attack.

Local reports are consistent only in terms of talking about cyber-espionage, perhaps involving malware rather than some kind of terrifying Stuxnet-style nuclear kit sabotage caper.

Staff reportedly learned that all might not to be well with Areva systems in mid-September, following a weekend security upgrade that left some systems out of action for three days. The National Security Agency Information Systems (ANSSI) reportedly assisted the security upgrade.

We invited Areva to comment in the hopes of clarifying what happened, but had yet to hear back by the time of publication on Tuesday. ®

Agentless Backup is Not a Myth

COMMENTS

House Rules Send Corrections

All Reader Comments (9)

Highly Rated

Posted Tuesday 1st November 2011 14:23 GMT

Bernard

I know this point gets raised everytime something like this comes up

But I'm genuinely interested to know. What is the advantage to having critical systems like this connected to the internet? The disadvantages are frighteningly apparent, so what are the good reasons that lead to nuclear plants and other obvious targets being hooked up to the internet?

Posted Tuesday 1st November 2011 17:08 GMT

BeefEater

Did I miss something?

There does not seem to be any suggestion that "critical" systems were either infected or connected to the Internet.

As far as I can recall, no new reactors have been built in France for nearly 20 years, and at that time the internet was barely noticed.

The architecture of the approved control systems would not have included anything like Internet connectivity. If I recall correctly, the operator workstations were not even empowered to perform control actions and were limited to monitoring functions - there was no way that a computer that ran any sort of sophisticated graphics could meet the SIL rating required to be involved in control.

Over the intervening years there have almost certainly been some system upgrades, but the SIL aspect of computers has not improved so I would expect that the actual control is still performed by dedicated embedded computers using relatively primitive operating systems. That's not to say that they are automatically immune to network issues (if they are network connected) but your average computer virus or other malware would not get a foothold.

Whereas some Power Stations may use Siemens style PLCs to control them, Nuclear ones would not. They have to meet other regulations.

Posted Wednesday 2nd November 2011 16:28 GMT

Yag