Cyber and Nuclear Security

This project aims to assess the risks and vulnerabilities of the international civil nuclear sector in regards to cyber security and to identify potential policies and international measures to enhance cyber security in the wider nuclear security field.


The exploitation of cyber vulnerabilities in critical infrastructure is becoming an increasingly pervasive security threat. At the global level, dependence on cyberspace is increasing and creates new and unexpected vulnerabilities. This dependence extends to nuclear energy production plants, which rely on computer networks for most internal processes. Many plants are connected to external networks, and there are a variety of ways in which a malicious actor could exploit these dependencies to create a security incident. 

Since the stark illustration of the impact of a natural disaster at the Fukushima nuclear plant in 2011, there is renewed concern that attacks on civil nuclear installations—including cyber attacks—may prove attractive to terrorist organizations and to states. In addition, alleged US and Israeli involvement in the Stuxnet attacks on Iranian nuclear infrastructure may lead to reprisal attacks and an escalation of hostilities. Attacks could be carried out by individuals or organizations in places where the rule of law is poorly enforced, which impedes efforts at deterrence. The situation is further complicated by conflicting public and private sector perspectives on how to mitigate threats.  This issue is rapidly garnering increased international attention, with concerns about nuclear vulnerabilities to cyber attacks highlighted at the March 2012 Nuclear Security Summit in Seoul. 


Project Overview

The project goals are to:

1. assess the risks and vulnerabilities of the international civil nuclear sector in regards to cyber security

2. identify potential policies and international measures to enhance cyber security in the wider nuclear security field 

Over an 18 month period, the project will establish and engage with a strong constituency of international experts and stakeholders from a wide range of the fields through:

  • a survey (including interviews and a literature review)
  • three expert roundtable workshops
  • ongoing online activities on our project blog to establish a wider dialogue on cyber security and nuclear security with both a UK and an international audience

The project will culminate in the preparation of a final report, which will be broadly disseminated and discussed at the international level.

The project is funded by the MacArthur Foundation International Peace and Security Program.


Project Timeline

Phase 1: A survey of existing risks, vulnerabilities, and potential impacts, including through interviews and a literature review. 

  • First expert roundtable (12 May 2014)

Phase 2: Investigation of potential ways to reduce undesired activity, and development of proposals for international policies and measures. In order to have direct policy relevance and utility, researchers will engage with international stakeholders from across the field.

  • Second expert roundtable (23 September 2014)

Phase 3: Preparation of a final report outlining findings and policy recommendations.

  • Third expert roundtable (February 2015)

Phase 4: Publication and dissemination of research findings. This final stage will focus on disseminating the findings widely.

More on Cyber and Nuclear Security

Latest (31)
Launch Control Center control panel for the Minuteman III nuclear intercontinental ballistic missiles located in New Ramer, Colorado. Photo: Andy Cross/Contributor /Getty Images.
Research paper

Cybersecurity of Nuclear Weapons Systems: Threats, Vulnerabilities and Consequences

Research Event

The Internet of Things and Risk Management: How Innovation is Changing the Nature of Risk

Research Event

Cyber Security and Nuclear Security: Addressing Risks and Implementing Solutions

A Saudi university student on his laptop. Photo by FAHD SHADEED/AFP/Getty Images
Expert comment

Tackling Cybercrime: Time For the GCC to Join Global Efforts

Research Event

Security by Design: Mitigating Cyber Security Risks in Civil Nuclear Infrastructure in the Gulf

Workers of Korea Hydro and Nuclear Power Co participate in an anti-cyber attack exercise at the Wolsong nuclear power plant in Gyeongju, South Korea. Photo by Korea Hydro and Nuclear Power Co via Getty Images.
Chatham House Report

Cyber Security at Civil Nuclear Facilities: Understanding the Risks

The World Today

Expert view: Tracking the Sony hackers

French members of Commissariat a l'Energie Nucleaire, CEA (Atomic Energy Centre) look at a drone during a simulation exercise at the Cadarache CEA nuclear plant in Saint-Paul-les-Durance, France. Photo by BORIS HORVAT/AFP/Getty Images.
Expert comment

Drones are an Increasing Security Issue for the Nuclear Industry

Research Event

Are Nuclear Arms Still Relevant in Today's Security Environment?

US Secretary of State John Kerry and former EU Foreign Policy Chief Catherine Ashton meet with Iranian Foreign Minister Mohammad Javad Zarif as a part of negotiations over Iran's nuclear program in Vienna on 22 November 2014. Photo by Getty Images.
Expert comment

The Extension of Iran Nuclear Negotiations: A Lesson from Reykjavik

Research Event

The Iran Deal: Is Hedging Still a Possibility?

Africa and the Global Market in Natural Uranium

Research Event

Surveillance in an Information Society: Who Watches the Watchers?

Research Event

A Fierce Domain: Conflict in Cyberspace, 1986 to 2012

Research Event

'Cyber War Will Not Take Place'

Research Event

Asia-Pacific Security: Nuclear Non-proliferation, Disarmament and the Test-ban Treaty

Cyber Security Information Sharing Partnership (CISP) Launch

Cyber Security Information Sharing Programme (CISP) Launch

Research Event

International Law on Cyber Warfare

Other resource

Epub: Cyber Security and Global Interdependence: What Is Critical?


Past events (16)