“Besides the Stuxnet attack, it describes a cyber-theft at a Korean facility in December 2014 in which reactor blueprints and electrical flow charts were stolen. The earliest well-known incident took place in 1992 when a technician at a Lithuanian nuclear power plant introduced a virus into the industrial control system with the stated intention of demonstrating cyber-dangers. Other reported incidents are equally sobering: one expert cited estimates that some 50 major incidents have affected nuclear industrial control systems. And that is in addition to the now-routine daily attacks targeting operational data.”
…
“The cyber-security threat to nuclear facilities demands an organizational response. Leaders from the boardroom to the control room must be fully aware of cyber-risks and their management. Future facilities must incorporate cyber-security by design, including authentication and encryption technologies right from the drawing board, building in redundancy for resilience.”