Written by Aleksandra Ćirković for 57th issue of ESTIEM Magazine

Schools with no students, homes without families, parks with no children to play around — this is Chernobyl exclusion zone. Multiple factors led to the fatal security test failure on April 26, 1986, which is now known as the largest environmental disaster in the history of nuclear energy.

The reasons for the explosion (brought up by the World Nuclear Association in 2009) were poor reactor quality, lack of employees’ knowledge and the lack of safety culture and protocols.

There are currently 31 active nuclear-power plants on Earth, each of them driven by the most modern technology. We have a far greater knowledge of reactor elements and their behaviour now and the best IT (Information Technology) experts are hired to manage them, and more importantly, to protect them.

During the past couple of years, there have been multiple nuclear-power plants cyber attacks, caused mostly by some kind of a computer worm. A computer worm is standalone malicious software (malware) that is able to replicate itself in the memory of each computer in its path. Worms make it difficult for the network to operate and can damage data and compromise computer security. They usually get into the system through some of its weak points. There are now established protection protocols regarding hardware and software in nuclear facilities. If the systems are not up-to-date, they are more exposed to all types of cyber attacks. All updates must be tested on remote systems and all changes must be documented and transparent to the people who work on maintaining that system.

The stricter regulations on most of the nuclear-power plants that have been in place since the Chernobyl explosion include a requirement that networks connecting nuclear power machines must be separated from the business side of the plant. This means that in order to prevent nuclear core manipulation by some malware, it is needed to physically separate these systems, due to digital firewalls do not guarantee complete separation.

Even though cyber security protocols in nuclear-power plants cannot all be listed in one paper and are very complicated and expensive to implement, it is crucial to understand their importance and to learn from them. Malware (worms, viruses, Trojans, bots, etc.) can be very dangerous in any other industry, but can also harm us as individuals.

None of us would like to be under attack, but with the growth of the IT industry and computer literacy, together with the lack of adequate laws regarding cyber incidents, the number of cyber attacks grows every day. Things that we can do to protect our safety are:

  • Update and upgrade your computer’s operating system and antivirus program regularly.
  • Use secure browsers with security extensions.
  • Do not use the content you download before checking it and taking care of where you download the material from.
  • Do not send confidential information by email.
  • Sign out of any site you were previously registered with.
  • Use trusted sites, especially when you leave sensitive private information and use online financial services.

Lastly, enjoy and learn on the Internet, but remember to use it responsibly, because it is not all fun and games in the end.