Physical red team assessment in nuclear energy
- nicolaferraritest
- Mar 20
- 1 min read
The problem
When one of the UK’s largest nuclear power station’s reached its end of life, a decommissioning process was initiated. A key requirement was an assessment of the physical security and its integrity, managed and overseen by the Nuclear Decommissioning organisation. The nuclear facility was assessed to face threats from a variety of adversaries, including state-sponsored groups, hacktivists, terrorists, cybercriminals, and malicious insiders. These threats were motivated by multiple drivers, including economic, political, or ideological motives.
Solution and Implementation
Avella undertook a covert physical penetration test of security measures to identify any vulnerabilities that could be exploited with the potential to disrupt, delay or damage vital infrastructure on which the decommissioning process was wholly reliant.
Our physical security experts conducted a comprehensive ground study to assess the planning of a route that could circumnavigate CCTV and Intruder Detection Systems (IDS). Specialist techniques were used to cross high-security fencing and bypass IDS systems, enabling access to numerous offices and storage bays. Our specialists were then able to glean sensitive documentation on IT and Operational Technology systems that enabled further cyber exploitations to take place.
Results
As a consequence of the penetration test, several security measures were revised to ensure that identified and exploited vulnerabilities were mitigated, ensuring that core business assets, IT systems and sensitive information were suitably protected.
Security measures were revised to ensure identified and exploited vulnerabilities were mitigated, ensuring that core business assets, IT systems and sensitive information were suitably protected.
