America's nuclear power plants use passwords like '1234'


The only thing preventing a possible nuclear reactor meltdown could be the password "1234," according to a new global study of power plant security systems, the Financial Times reports. Hacking into a power plant's computers could allow a malicious individual to tamper with cooling systems and back-ups to induce a nuclear meltdown. While the risk of damage is exponentially high in the case of a hack, new research has found that nuclear facilities have few measures in place to prevent a destructive cyber attack.
"Cyber security is still new to many in the nuclear industry," said Caroline Baylon, who authored the report. "They are really good at safety and, after 9/11, they've got[ten] really good at physical security. But they have barely grappled with cyber."
Baylon and her team at the nonprofit NGO think tank Chatham House studied 50 power plant cyber attacks and interviewed senior officials in Canada, France, Germany, Japan, the U.K., Ukraine, and the U.S. The findings are a bit terrifying:
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Most facilities still do not take cyber security seriously enough in spite of such instances, Ms. Baylon said. Officials interviewed for the report, for example, described default vendor logins — the standard factory-set passwords such as "1234" — as being "everywhere" when it comes to the computer systems that regulate nuclear processes. [Financial Times]
Baylon added that many engineers and officials believe that because their computer systems aren't connected to the internet, they're immune to attacks — a mindset Baylon called "a culture of denial."
"Many people said it was simply not possible to cause a major incident like a release of ionizing radiation with a cyber attack... but that's not necessarily true," she said.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
Jeva Lange was the executive editor at TheWeek.com. She formerly served as The Week's deputy editor and culture critic. She is also a contributor to Screen Slate, and her writing has appeared in The New York Daily News, The Awl, Vice, and Gothamist, among other publications. Jeva lives in New York City. Follow her on Twitter.
-
Today's political cartoons - May 3, 2025
Cartoons Saturday's cartoons - measles on the rise, sage advice, and more
-
5 shellshocked cartoons about Trump's first 100 days
Cartoons Artists take on a wild ride, F.D.R., and more
-
Kashmir: on the brink of a 'catastrophic' war
Talking Point Relations between India and Pakistan are 'cratering' in the aftermath of a shocking terror attack in the disputed border region
-
US proposes eroding species protections
Speed Read The Trump administration wants to change the definition of 'harm' in the Environmental Protection Act to allow habitat damage
-
Severe storms kill dozens across central US
Speed Read At least 40 people were killed over the weekend by tornadoes, wildfires and dust storms
-
Rain helps Los Angeles wildfires, risks mudslides
Speed Read The weather provided relief for crews working to contain wildfires, though rain over a burn area ups the chances of flooding and mudslides
-
Death toll rises in LA fires as wind lull allows progress
Speed Read At least 24 people have died and 100,000 people are under mandatory evacuation orders
-
Biden cancels Italy trip as raging LA fires spread
Speed Read The majority of the fires remain 0% contained
-
Fast-spreading Los Angeles wildfires spark panic
Speed Read About 30,000 people were under an evacuation order as the inferno spread
-
Hundreds feared dead in French Mayotte cyclone
Speed Read Cyclone Chido slammed into Mayotte, a French territory in the Indian Ocean
-
Thirteen missing after Red Sea tourist boat sinks
Speed Read The vessel sank near the Egyptian coastal town of Marsa Alam