Cyber threat at Browns Ferry?
Federal lawmakers seek answers about 2006 temporary shutdown at local nuclear plant
By Ben Evans
Associated Press Writer
WASHINGTON — An overloaded computer network prompted a temporary shutdown at a Browns Ferry Nuclear Plant reactor last year, and federal regulators still can't say where the interference came from.
The shutdown, at the Tennessee Valley Authority plant, occurred amid growing congressional scrutiny over whether utilities and other high-risk sites are vulnerable to cyber attacks as they increasingly rely on computer networks to remotely control their operations.
Nuclear Regulatory Commission officials say the August 2006 malfunction did not threaten the safety of the plant and that they are confident an outside hacker was not responsible. But in a letter to the agency this week, the House Homeland Security Committee called for a broader investigation, citing a host of unanswered questions.
"It appears from the information that we've collected so far that this (plant) may or may not have been compromised. We want the NRC to determine the source," committee Chairman Bennie Thompson, D-Miss, said in an interview.
"We need to know whether instances like this are internal or external, and to what extent we are going to deal with them. For the NRC to rely on the operator's explanation of what happened ... we think does not go far enough," he said.
In a report issued last month, the NRC said TVA officials manually shut down the plant's Unit 3 reactor after "excessive traffic" on the computer network caused recirculation pumps to fail, creating a potentially unstable condition.
Although TVA hasn't determined the source of the data overload, the NRC said the utility reacted appropriately to the failure and has addressed it by installing new "firewalls" to better control traffic on the network.
NRC and TVA officials said the Browns Ferry network involved is an internal-only network and — when operated as designed — cannot accept data from outside sources. TVA spokesman Terry Johnson said the utility believes the failure may have been caused by an unexplained glitch in the computer system.
But when pressed, the officials would not categorically rule out the possibility of outside access.
"We have reasonable assurance that there is no external access to this system," said Eva Brown, the NRC's project manager at Browns Ferry. "We did an independent assessment to convince ourselves that (TVA's) conclusions were acceptable, and there was no evidence of an external source."
Shutdowns at nuclear plants are somewhat rare; Browns Ferry had two shutdowns in all of 2006, and has had two so far this year.
NRC spokesman Scott Burnell said the agency's public notice on the August 2006 incident should serve to warn other operators of the potential problem, although the NRC is not requiring any action.
"At this point there isn't any regulatory reason to," he said. "Sometimes it does take small events like this to bring issues to the attention of the staff at the plant and the NRC. That's why we issued this informational notice."
Joe Weiss, managing partner at Applied Control Solutions and an expert on industrial computer security, said he doubted that anyone intentionally caused the Browns Ferry network to fail. But, he said, it raises concerns regardless.
"The whole area of cyber security in industrial facilities is effectively in its infancy," he said. "There needs to be a greater appreciation within the nuclear community that these systems truly are connected."
Earlier this week, the NRC gave final approval for the TVA to restart a third reactor at Browns Ferry after a 22-year shutdown prompted by concerns about safety and management.
Since the Sept. 11, 2001, terrorist attacks, security experts have warned of vulnerabilities in the computer networks of the nation's "critical infrastructure," including emergency response agencies, electricity providers and water treatment plants.
A 2005 report from the Environmental Protection Agency's inspector general, for example, found that water utilities had installed computer-based remote controls "with little attention paid to security," leaving valves, pumps and chemical mixers open to cyber attack.
In 2003, a computer virus temporarily disabled the safety monitoring system at the Davis-Besse nuclear station in Ohio, even though the utility thought the network was protected from such a breach.
On the Net
Nuclear Regulatory Commission, www.nrc.gov
Tennessee Valley Authority, www.tva.gov
Copyright 2005 Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
Save $84.50 a year off our newsstand price:
Subscribe today for only 38 cents a day!