Cybersecurity researchers notice an upward trend regarding malicious threat campaigns against nuclear entities in different countries globally. Based on reports, there are various cybercriminal activities against nuclear activities this year, and threat actors showed that their operations are getting more advanced as time passes.
A recent cybersecurity tally revealed that the barrage of cyberattacks against nuclear entities started as early as February this year. In addition, these attacks were seen by researchers in nuclear facilities in countries such as Indonesia, Taiwan, Thailand, Russia, India, Iran, South Africa, and Brazil.
Moreover, another threat group last June breached the Taiwanese power company Taipower, a Nuclear Power Plant Evacuation Information Platform. After the intrusion, the threat actors posted screenshots of the stolen source code from the powerplant.
However, the most recent incident against nuclear-related entities was recorded by cybersecurity researchers last September, in which the Black Reward hacking group claimed credit for the campaign.
The nuclear-related cyberattack was against the Iran Atomic Energy company. The entity admitted that the hackers successfully accessed their email systems, private agreements, personal plans, PII, and private conversations.
Some cyberattacks were still successful against nuclear entities despite their high security.
Experts explained that nuclear entities are still unsafe from cyberattacks since there will still be vulnerable OT/IT devices. Exposed assets and misconfigured networks. Nuclear firms cannot avoid these flaws since they could be present in critical components within any entity.
Numerous confidential data and PII regarding critical sector employees and organisations are exposed on the internet, which the actors could exploit and use to attack a targeted entity. These methods could worsen and become widespread threat campaigns in any organisation, not just a nuclear entity.
Therefore, experts recommend that nuclear power plant admins implement a network to keep critical safe behind multiple layers of firewalls. Additionally, nuclear sites should keep applications updated, and communication materials should be MFA-equipped to avoid being breached by hackers.
Nuclear-related industries must adopt a powerful cybersecurity solution to detect any cybersecurity threats and protect critical data to avoid disruption or problems.
