French nuclear power group Areva may have fallen victim to an operating system-level electronic attack, which was first detected in September. Conflicting French media reports suggest hackers had access to Areva’s network as far back as two years (Slate France, here) or that the problem only affected "non-critical" data and …
I know this point gets raised every time something like this comes up
But I'm genuinely interested to know. What is the advantage to having critical systems like this connected to the internet? The disadvantages are frighteningly apparent, so what are the good reasons that lead to nuclear plants and other obvious targets being hooked up to the internet?
Shutting down remotely
Imagine if terrorists invaded the power station and killed all the staff (like in the movies).
The only thing to do (because there are no heroes left) would be to log in through the internet and shut the site down... Or blow it up and write the surrounding area off as collateral damage. - can't let the terrorists win.
Did I miss something?
There does not seem to be any suggestion that "critical" systems were either infected or connected to the Internet.
As far as I can recall, no new reactors have been built in France for nearly 20 years, and at that time the internet was barely noticed.
The architecture of the approved control systems would not have included anything like Internet connectivity. If I recall correctly, the operator workstations were not even empowered to perform control actions and were limited to monitoring functions - there was no way that a computer that ran any sort of sophisticated graphics could meet the SIL rating required to be involved in control.
Over the intervening years there have almost certainly been some system upgrades, but the SIL aspect of computers has not improved so I would expect that the actual control is still performed by dedicated embedded computers using relatively primitive operating systems. That's not to say that they are automatically immune to network issues (if they are network connected) but your average computer virus or other malware would not get a foothold.
Whereas some Power Stations may use Siemens style PLCs to control them, Nuclear ones would not. They have to meet other regulations.
The advantage when it happens is that beancounters and middle management PowerPoint jockeys in corporate HQ the other side of the world from the plant get to feel like they have their fingers on the pulse of their company. It serves absolutely no practical purpose whatever that I have ever been able to discern. Control system vendors litter their system architecture drawings with little boxes marked 'firewall' and the oxygen thieves believe the bull. The PowerPoint and beancounter level is regrettably the level within globocorps where multi-million-dollar vendor choices are ultimately made and not down at the real engineers' level where the bullshitometers function properly.
"no new reactors have been built in France for nearly 20 years..."
Try to look up Civaux-1 & 2...
Besides, nuclear power plants are constantly upgraded, thank god...
Basically it comes down to remote operation/control. Back in the day, if you wanted remote control of a substation or whatever, you ran your own phone line. Or you paid for BT to run a line for you which wasn't physically connected to the outside world. (Replace BT with your local monopoly telecoms provider, if you're not a Brit.)
Trouble is, that's *SERIOUSLY* expensive. So much so that a lot of these places would actually have dedicated onsite staff, when in fact they could happily be run remotely from some central hub with periodic visits by maintenance staff, because onsite staff worked out cheaper than leased lines. So there's a big financial incentive to just hook stuff up to the internet and trust in password security (or whatever).
as *SERIOUSLY* expensive as a terrorist attributed meltdown?
As far as I remember a reasonably local leased line has never been vastly more expensive than a fast internet connection, and for most command and control uses vast bandwidth isn't the issue and the latency issues you may have using internet (or at least VPN, PLEASE!) also go away with a synchronous data leased line...
I rest my case your honour, make it illegal to use t'nternets for any CNI, leased line only, (I know BT may be happy about that, but how about forcing a CNI discount?)
"as *SERIOUSLY* expensive as a terrorist attributed meltdown?"
The problem is that company shareholders and accountants are rubbish at understanding risk, consequences and costs. Risks with extreme consequences but which are very unlikely to happen are often ignored. Why spend money mitigating something that is unlikely?
For example, Tepco had to be strong armed by the Japanese government to install pressure release valves at Fukushima. Turns out that they need those. Without them Japan would be looking at the ruins of four exploded reactor cores instead of four minor meltdowns.
Tepco are in real trouble anyway. They were pressed by various engineers and inspectors to shut down the old reactors at Fukushima years ago. Had they done so they would be looking at a minor loss of electricity sales instead of complete corporate extinction.
In comparison, connecting vital corporate systems to the Internet seems much more likely to result in complete corporate disaster. So why do it?
Glow in the dark
"but had yet to hear back by the time of publication on Tuesday"