The Chatham House project on Cyber and Nuclear Security aims to assess the risks and vulnerabilities of the international civil nuclear sector in regards to cyber security and to identify potential policies and international measures to enhance cyber security in the wider nuclear security field.
The exploitation of cyber vulnerabilities in critical infrastructure is becoming an increasingly pervasive security threat. At the global level, dependence on cyberspace is increasing and creates new and unexpected vulnerabilities. This dependence extends to nuclear energy production plants, which rely on computer networks for most internal processes. Many plants are connected to external networks, and there are a variety of ways in which a malicious actor could exploit these dependencies to create a security incident.
Since the stark illustration of the impact of a natural disaster at the Fukushima nuclear plant in 2011, there is renewed concern that attacks on civil nuclear installations—including cyber attacks—may prove attractive to terrorist organizations and to states. In addition, alleged US and Israeli involvement in the Stuxnet attacks on Iranian nuclear infrastructure may lead to reprisal attacks and an escalation of hostilities. Attacks could be carried out by individuals or organizations in places where the rule of law is poorly enforced, which impedes efforts at deterrence. The situation is further complicated by conflicting public and private sector perspectives on how to mitigate threats. This issue is rapidly garnering increased international attention, with concerns about nuclear vulnerabilities to cyber attacks highlighted at the March 2012 Nuclear Security Summit in Seoul.
The project goals are to:
1. assess the risks and vulnerabilities of the international civil nuclear sector in regards to cyber security
2. identify potential policies and international measures to enhance cyber security in the wider nuclear security field
Over an 18 month period, the project will establish and engage with a strong constituency of international experts and stakeholders from a wide range of the fields through:
The project is funded by the MacArthur Foundation International Peace and Security Program.
Phase 1: A survey of existing risks, vulnerabilities, and potential impacts, including through interviews and a literature review.
Phase 2: Investigation of potential ways to reduce undesired activity, and development of proposals for international policies and measures. In order to have direct policy relevance and utility, researchers will engage with international stakeholders from across the field.