Sellafield denies nuclear site’s networks have been victim of cyber attacks

An investigation by The Guardian said it had found security breaches dating back to 2015.

Rob Freeman
Tuesday 05 December 2023 09:17 EST
The Sellafield nuclear site in Cumbria (PA)

Sellafield has denied reports that its IT networks have been attacked by cyber groups linked to Russia and China.

The Guardian said an investigation into the nuclear site in Cumbria found security breaches, dating back to 2015, which it says were not reported to regulators for “several years”.

The year-long investigation, named Nuclear Leaks, said sleeper malware which can be used to spy on or attack systems had been embedded in the networks and could still be there.

But a statement from Sellafield Ltd, which runs the site under the control of the Government-run Nuclear Decommissioning Authority, said the company had “no records or evidence” that its networks had been “successfully attacked by state actors” as outlined in the report.

Downing Street said public safety has not been compromised.

Prime Minister Rishi Sunak’s spokesman said: “The regulators have reassured the Government that public safety is not compromised at Sellafield and the public should be reassured of that.”

The official added: “The National Cyber Security Centre has warned of the cyber threat to our critical national infrastructure for some time. That’s why we’ve worked closely with UK businesses, organisations to improve cybersecurity and resilience across a range of sectors.”

Sellafield’s statement said: “Our monitoring systems are robust and we have a high degree of confidence that no such malware exists on our system.

“We take cyber security extremely seriously at Sellafield. All of our systems and servers have multiple layers of protection.

“Critical networks that enable us to operate safely are isolated from our general IT network, meaning an attack on our IT system would not penetrate these.”

The Guardian investigation looked into cyber hacking, radioactive contamination and workplace culture at the site, which housed a nuclear power plant until 2003 and is used for nuclear waste processing and storage as well as decommissioning.

The report quotes sources at the Office for Nuclear Regulation (ONR) as saying that Sellafield was placed into “special measures” last year over cybersecurity failings.

An ONR spokesman told The Guardian: “Some specific matters are subject to ongoing investigations, so we are unable to comment further at this time.”

Ed Miliband, shadow secretary of state for energy security and net zero, told the paper the report is “very concerning” and needs to be “treated with the utmost seriousness” by the Government.
