Special Team for Cyber Defense of Nuclear Facilities to Be Established in Ukraine

This proposal was expressed by an expert of the George Kuzmich Training Center for Physical Protection, Accounting and Control of Nuclear Material Serhii Drapei within the XIV Ukrainian Conference on Physical Protection, Accounting and Control of Nuclear Materials. The event took place from 18 to 22 September at SUNPP site in the Mykolaiiv region.

Expert of the George Kuzmich Training Center for Physical Protection, Accounting and Control of Nuclear Material Serhii Drapei

According to the expert, the first serious cyber attack in Ukraine occurred in 2015. Then the population of Ivano-Frankivsk region was left without electricity. The virus attacked the systems of Oblenergo and Kyivenergo Companies. In the capital, the attack was coped with faster. In Ivano-Frankivsk, thousands of people were left without light. “This is not very frightening when it happens, for example in a private house when watching TV series, but if it happens in a hospital during a surgery it’s terrible,” Serhii Drapei notes.

On 16 January 2016, the virus was registered at the Boryspil airport. “It is not difficult to imagine what consequences could be caused by damage of the systems by the virus”, the expert commented.

On 10 June this year, at 10:30 a.m., Ukrainian state agencies were attacked by the Petia virus. He had several modifications masked as ransomwares. However, Head of the Security Service of Ukraine Vasyl Grytsak denied this stating that the main purpose of the virus was to destabilize the information structure of Ukraine. At the same time, domestic economic analysts state that the virus will decrease the GDP of Ukraine by 0.5%.

“There are a lot of cases with virus attacks of nuclear facilities in the world. For example, virus attack of the Mondju nuclear reactor in Japan. It happened when an employee of the NPP updated an application installed on the computer. The computer was a component of the physical protection system of the nuclear facility. As a result, the virus was spread, all data from the NPP was copied and sent to an unknown server address in the South Korea”, Serhii Drapei says.

According to him, a similar story happened in January 2003 in the United States when the virus entered the secured network of the Davis Bess NPP. The physical protection system of the facility stayed inoperative for five hours. The cause was an error at the system administrator level.

“I would also like to talk about the use of mobile phones at nuclear facility sites”, the expert continues. “According to the company ensuring safety of using mobile devices a number of viruses carried by mobile phones increases every year. In 2012, about 33 million Android-based phones were infected. In Ukraine, there are a lot of such phones. How many of them get to NPP sites every day and what it may cause is a good question”.

Since 2007, the State Center of Cyber Defense and Cyber Threats Counteraction (CERT-UA) of the State Service of Special Communications and Information Protection is established in Ukraine. “Unfortunately, this organization is not large and the number of its experts is not significant. Thus, it is difficult for the organization’s experts to respond immediately to a particular problem. I think that it is necessary to form an appropriate team that will respond immediately  in case of cyber threats at the level of nuclear power plants in Ukraine, at the level of the nuclear regulatory authority. The group should include experts from all nuclear facilities of Ukraine, as well as representatives of the SNRIU, Energoatom Company and the Ministry of Energy and Coal Industry of Ukraine. Experts from other organizations may also be involved in making a joint decision to combat cybercriminals in the energy sector”, Serhii Drapei is sure.

According to him, there are more and more messages in the network on a new virus similar to Petia.

“The Petia virus attacked the financial sector and it is not known what agencies will be the target of a new virus. We should be ready to prevent the threat. I think there is a necessity to form a cyber defense response team for nuclear installations. It will contribute to improving the physical protection system of nuclear facilities in Ukraine”, expert of the George Kuzmich Training Center for Physical Protection, Accounting and Control of Nuclear Material Serhii Drapei said. “Almost all experts of domestic NPPs state that their system of cybersecurity is at a rather high level. However, is it really so?”

Uatom.org Editorial Board