it's the end of the world as we know it
America's nuclear power plants use passwords like '1234'
The only thing preventing a possible nuclear reactor meltdown could be the password "1234," according to a new global study of power plant security systems, the Financial Times reports. Hacking into a power plant's computers could allow a malicious individual to tamper with cooling systems and back-ups to induce a nuclear meltdown. While the risk of damage is exponentially high in the case of a hack, new research has found that nuclear facilities have few measures in place to prevent a destructive cyber attack.
"Cyber security is still new to many in the nuclear industry," said Caroline Baylon, who authored the report. "They are really good at safety and, after 9/11, they've got[ten] really good at physical security. But they have barely grappled with cyber."
Baylon and her team at the nonprofit NGO think tank Chatham House studied 50 power plant cyber attacks and interviewed senior officials in Canada, France, Germany, Japan, the U.K., Ukraine, and the U.S. The findings are a bit terrifying:
Most facilities still do not take cyber security seriously enough in spite of such instances, Ms. Baylon said. Officials interviewed for the report, for example, described default vendor logins — the standard factory-set passwords such as "1234" — as being "everywhere" when it comes to the computer systems that regulate nuclear processes. [Financial Times]
Baylon added that many engineers and officials believe that because their computer systems aren't connected to the internet, they're immune to attacks — a mindset Baylon called "a culture of denial."
"Many people said it was simply not possible to cause a major incident like a release of ionizing radiation with a cyber attack... but that's not necessarily true," she said.