Was the British nuclear site hacked by China and Russia? The government denies and a newspaper talks about years of cover-up outside

The British newspaper reported that Sellafield, which deals with the reprocessing of nuclear fuel and the storage and dismantling of nuclear waste, was hacked by electronic groups believed to be closely linked to Russia and China. They had access to the complex’s networks. However, the authorities are said to have covered up the cyber attack.

According to the newspaper, the authorities do not know exactly when IT systems were first hacked. But sources told the newspaper that the breaches were first discovered in 2015, when experts realized that so-called “dormant malware” – software that is latent and can be used to spy on or attack systems – was embedded in Sellafield’s computer networks.

According to The Guardian, it is not yet known whether the malware has been removed. This could mean that some of Sellafield’s most sensitive activities, such as transporting radioactive waste and monitoring leaks of hazardous materials, were compromised. Sources indicate that it is possible that foreign hackers have gained access to the highest level of classified materials at the nuclear site.

It is difficult to estimate the full extent of the hack because Sellafield did not inform the Nuclear Regulatory Commission and other relevant authorities about the cyberattack for years.

However, the British government strongly denies this: “Our monitoring systems are robust and we are confident that no such malware will appear in our system,” the government said. “This was confirmed to The Guardian well before publication, along with a number of other errors in its reporting.”

Sellafield, controlled by the UK government’s Nuclear Decommissioning Authority, is based in northwest England and has 11,000 employees. The site contains the world’s largest plutonium stockpile and is a sprawling dumping ground for nuclear waste generated by weapons programs and decades of nuclear power generation.

In a separate statement, the Office for Nuclear Regulation (ONR), the UK’s nuclear energy body, said it had also seen no evidence that foreign government actors had hacked the systems, as the newspaper claimed.

However, the regulator said Sellafield did not currently meet the high standards required for cyber security, adding that it had placed the plant under “significantly increased scrutiny”. “Some specific matters are the subject of an ongoing investigation, so we cannot comment further at this time,” the office said.

The Guardian writes that the National Research Office is believed to be preparing to take legal action against individuals in Sellafield over insecurity.