Russia's Beloyarsk Nuclear Power Plant has been breached by a GURMO Cyber unit
Beloyarsk is the world's only commercial fast breeder reactor
The Beloyarsk Nuclear Power Plant in Zarechny, Sverdlovsk Oblast, Russia has been hacked by cyber operators at the Main Intelligence Department of the Ministry of Defense of Ukraine (GURMO). The hackers breached the plant’s business network and exfiltrated a large amount of data including contracts, architectural diagrams, alarm system configurations, set-up instructions for control system parts, etc.
This article is the first of several that will be exploring the Beloyarsk NPP data breach along with related breaches at the JINR (Joint Institute for Nuclear Research) located in Dubna, Moscow Region. The JINR breach will be covered in a later article.
All articles will have a common layout where the first section for free subscribers will provide an overview of the attack along with screenshots of some of the documents. Paid subscribers will have access to the full article including more details on the attack, analysis of some of the documents taken, and downloadable access to the documents discussed in this article.
Background
Beloyarsk operates two Fast Breeder Reactors (BN-600 and BN-800), and they are the only commercial-use FBRs operating in the world today. Japan spent over $1B on its own fast-breeder project before it gave up on it. Over 20 nations are working on Fast Neutron Reactors because they can extract almost 100% of the energy contained in uranium, whereas light water reactors extract about 1%. A Fast Breeder Reactor is a type of Fast Neutron Reactor that has been designed to produce more plutonium than the uranium and plutonium it consumes. No other nation has been able to match Russia’s success to date.
The World Nuclear Association’s latest report on Fast Breeder / Fast Neutron Reactors has this to say about Beloyarsk’s BN-600 and BN-800 reactors:
The Russian BN-600 fast breeder reactor – Beloyarsk unit 3 of 600 MWe gross, 560 MWe net – has been supplying electricity to the grid since 1980 and is said to have the best operating and production record of all Russia's nuclear power units. It uses chiefly uranium oxide fuel, enriched to 17, 21 & 26%, with some MOX in recent years. It is a pool-type, with heat exchanger for three secondary coolant loops inside a pool of sodium around the reactor vessel and three steam generators outside the pool, supplying three 200 MWe turbine generators. The sodium coolant delivers 525-550°C at little more than atmospheric pressure. The BN-600 is reconfigured by replacing the fertile blanket around the core with steel reflector assemblies to burn the plutonium from its military stockpiles. Its licence has been extended to 2020 and a further five-year extension is envisaged.
The BN-800 from OKBM Afrikantov and Atomenergoproekt is a new more powerful (2100 MWt, 864 MWe gross, 789 MWe net) three-loop pool type FBR, which is actually the same overall size and configuration as the BN-600 except that the three steam generators drive a single turbine generator. There are some significant improvements from BN-600 however. The first (and probably only Russian one) is Beloyarsk 4, which started up in mid-2014. It has improved features including fuel flexibility – U+Pu nitride, MOX, or metal, and with breeding ratio potentially up to 1.3, though only 1.0 as configured at Beloyarsk. Russia had about 40 tonnes of separated plutonium stockpiled by 2010, which was expected to be burned in the BN-800 by 2025. The timing of this has slipped about four years.
It has much enhanced safety and improved economy – while capital cost is 20% more than VVER-1200, operating cost is expected to be only 15% more than VVER. It is capable of burning up to 3 tonnes of plutonium per year from dismantled weapons (1.7 t/yr also quoted by OKBM Afrikantov) and will test the recycling of minor actinides in the fuel.
An important feature of BN-800 closed-loop fuel cycle is that actinides (both plutonium and minor actinides) produced in the reactor are consumed in the same reactor.
The main purpose of the BN-800 is to provide operating experience and technological solutions, especially regarding the fuel, that will be applied to the BN-1200.
Sample documents taken from Beloyarsk NPP
Sample #1
Sample #2
Sample #3
Links to the complete files sampled above are provided later in this article.
Value Of This Breach To Russia’s Adversaries and Competitors
What is the value of a breach of the business network of Beloyarsk versus access to the Operational Technology (OT) side? There are at least three benefits to be derived from this data breach:
There are over 20 countries in addition to Russia who are interested in emulating Russia’s success with fast-breeder reactors. That makes this information inherently valuable.
Understanding who Beloyarsk’s vendors are and what equipment is being used gives a potential attacker options for moving from the business side to the control systems side if an attack on the operations of Beloyarsk were to be considered.
In light of Russia’s bombing of Ukraine’s Zaporizhzhia Nuclear Power Plant, this breach sends a signal to Vladimir Putin that Beloyarsk is also vulnerable.
Analysis
Weaknesses in the Software