Democrats wonder about possible cyberattack on nuclear facilities

Was a cyber attack responsible for last summer’s shut down of Alabama’s Brown’s Ferry nuclear plant? So wonder Democrats on Capitol Hill, who sent a letter late last week to Chairman Dale Klein of the Nuclear Regulatory Commission (NRC) demanding an investigation into IT security at the nation’s nuclear facilities. The incident in question occured on 19 August 2006, when the loss of both of the plant’s recirculation pumps forced a manual shut-down. According to congressmen Bennie Thompson (D-Mississippi), and James Langevin (D-Rhode Island), plant personnel later determined that “excessive traffic” on the plant’s computer network was responsible for the incident, eventually deciding to install a firewall, among other corrective action.

Nevertheless, say Thompson and Langevin, “NRC staff decided against investigating the failure as a ‘cybersecurity incident’ because 1.) the failing system was a ‘non-safety’ system rather than a ‘safety’ system, and 2.) it was determined by the licensee that the incident did not involve an external cyber attack on the system.” The congressmen have asked NRC to reconsider such procedures, institute comprehensive cybersecutity policies, and reinvestigate the source of the data surge. “Without a thorough, independent review of the logs and associated data, the assumption that this incident is not an outside attack is unjustifiable,” they wrote.