There’s been a lot of media fanfare around smartphones recently but we should spare a moment's thought for Samsung and their Galaxy Note7. It’s been pulled from the market once again because they just keep setting on fire.


[UPDATE] World’s Nuclear Plants at Risk of Cyber Attacks

12th October 2016

As reported by Reuters, a nuclear power plant was in fact targeted by a cyber attack two to three years ago, and there is a serious threat of militant attacks on such plants - according to the head of the United Nations nuclear watchdog. International Atomic Energy Agency (IAEA) Director Yukiya Amano also cited a case in which an individual tried to smuggle a small amount of highly enriched uranium about four years ago that could have been used to build a so-called "dirty bomb".

"This is not an imaginary risk," Amano told Reuters and a German newspaper during a visit to Germany that included a meeting with Foreign Minister Frank-Walter Steinmeier. "This issue of cyber attacks on nuclear-related facilities or activities should be taken very seriously. We never know if we know everything or if it's the tip of the iceberg."

Read the full article here.

A report from the international affairs think tank, Chatham House, found that there is a growing risk of a "serious cyber attack" on nuclear power plants around the world. The think tank warned that the facilities were at risk due to the dated control infrastructure built into the computers, citing that it was "insecure by design".


In 2010 Iran became the victim of such an attack when it’s nuclear enrichment facilities were hit by Stuxnet. The worm infected computers; causing the nuclear centrifuges to malfunction and destroy themselves. Stuxnet allegedly destroyed one fifth of all of Iran’s centrifuges and set back the country’s nuclear programme several years.
The worry is that a combination of a lack of updated infrastructure alongside a sharp rise in the number of attacks by cyber criminals, state-sponsored hackers and terrorists means that the risk of an attack is “ever present”.
There is a myth that computer systems in power plants are immune from conventional cyber attacks due to the fact that they are isolated from the mainstream internet - known as ‘air gapped’. However, the air gap can be easily bypassed by something as simple as a flash drive, for which it is almost impossible to protect against if in the hands of a particularly motivated employee with sufficient security clearance.
Even the UK's nuclear plants and infrastructure are not well protected or prepared because the industry had converted to digital systems relatively recently. This increasing digitisation and growing reliance on commercial software is contributing to the risks faced by the nuclear power industry. Chatham House stressed the importance of security measures, saying; "even a small-scale cyber security incident at a nuclear facility would be likely to have a disproportionate effect on public opinion and the future of the civil nuclear industry".
The findings from Chatham House are undoubtedly worrying but it is not a cause for hysteria just yet. After all, the rigidity of the existing security network keeps potentially damaging breaches at bay for now. However, we must ask; can cyber terrorists actually kill people? This is a question that has been addressed in an article by David Di Domenico, Managing Director of IQ Analytics, and can be found here.
As the threat of a major cyber breach increases, the Information Systems Security Association (ISSA) have predicted there are anywhere between 300,000 and 1,000,000 vacant cyber security positions worldwide. How long will it be before we are without the cyber talent to keep the hackers at bay?