Cumbria nuclear site denies cyber attacks by groups linked to Russia & China
A investigation into Sellafield has been published by one of the papers
Sellafield has denied reports its IT networks have been attacked by cyber groups linked to Russia and China.
The Guardian newspaper said an investigation into the nuclear site in Cumbria found security breaches, dating back to 2015, which it says were not reported to regulators for "several years".
The year-long investigation, named Nuclear Leaks, said sleeper malware which can be used to spy on or attack systems had been embedded in the networks and could still be there.
But a statement from Sellafield Ltd, which runs the site under the control of the Government-run Nuclear Decommissioning Authority, said the company had "no records or evidence" that its networks had been "successfully attacked by state actors" as outlined in the report.
The statement said:
"Our monitoring systems are robust and we have a high degree of confidence that no such malware exists on our system.
"We take cyber security extremely seriously at Sellafield. All of our systems and servers have multiple layers of protection.
"Critical networks that enable us to operate safely are isolated from our general IT network, meaning an attack on our IT system would not penetrate these."
The Guardian investigation looked into cyber hacking, radioactive contamination and workplace culture at the site, which housed a nuclear power plant until 2003 and is used for nuclear waste processing and storage as well as decommissioning.
The report quotes sources at the Office for Nuclear Regulation (ONR) that Sellafield was placed into "special measures" last year over cybersecurity failings.
An ONR spokesperson told The Guardian:
"Some specific matters are subject to ongoing investigations, so we are unable to comment further at this time."