'The UK’s most hazardous nuclear site, Sellafield, has been hacked into by cyber groups closely linked to Russia and China, the Guardian can reveal.
The astonishing disclosure and its potential effects have been consistently covered up by senior staff at the vast nuclear waste and decommissioning site, the investigation has found.
The Guardian has discovered that the authorities do not know exactly when the IT systems were first compromised. But sources said breaches were first detected as far back as 2015, when experts realised sleeper malware – software that can lurk and be used to spy or attack systems – had been embedded in Sellafield’s computer networks.
It is still not known if the malware has been eradicated. It may mean some of Sellafield’s most sensitive activities, such as moving radioactive waste, monitoring for leaks of dangerous material and checking for fires, have been compromised.
Sources suggest it is likely foreign hackers have accessed the highest echelons of confidential material at the site, which sprawls across 6 sq km (2 sq miles) on the Cumbrian coast and is one of the most hazardous in the world.
The full extent of any data loss and any ongoing risks to systems was made harder to quantify by Sellafield’s failure to alert nuclear regulators for several years, sources said.
The revelations have emerged in Nuclear Leaks, a year-long Guardian investigation into cyber hacking, radioactive contamination and toxic workplace culture at Sellafield.
The site has the largest store of plutonium on the planet and is a sprawling rubbish dump for nuclear waste from weapons programmes and decades of atomic power generation.'
Sellafield nuclear site hacked by groups linked to Russia and China - The Guardian