News
2025-11-11
[ICT Manager Article Share] Cyberattacks on Critical Infrastructure Surge by 300% — U.S. Security Consultant: “You Can’t Talk About Energy Without Talking About Cybersecurity.”
This article, written by a technical consultant at OPSWAT, a vendor trusted by 98% of nuclear power plants in the United States, examines the global cybersecurity challenges faced by nuclear facilities from the perspective of “energy security.” It also outlines the solutions currently being adopted worldwide and highlights the key cybersecurity issues that Taiwan’s nuclear power plants should pay close attention to.
Critical Infrastructure Cyberattacks Up 300% as Energy Sector Becomes a Key Target

In Southeast Asia, reports indicate that cyberattacks targeting critical infrastructure increased by 300% between 2019 and 2023, with energy facilities being among the most frequently targeted. More than 56% of power plants worldwide have experienced cyber incidents in the past three years, highlighting the urgent need to strengthen cybersecurity measures to defend against ransomware, malware, and zero-day threats.

According to the latest report on cyberattacks against critical infrastructure, the energy sector has become an emerging prime target for malicious actors, accounting for an alarming 39% of attacks, more than three times the share of the next most targeted industries, critical manufacturing (11%) and transportation (10%).

Nuclear safety cannot be taken lightly — how do countries protect their nuclear facilities against cyber threats?

Experts around the world recommend that nuclear facility networks adopt the highest level of cybersecurity technologies. As a cybersecurity solutions provider trusted by 98% of nuclear power plants in the United States, OPSWAT has deep expertise in the risks and compliance requirements unique to nuclear facilities.

▪️ Case 1: How did the UK’s Dounreay nuclear site ensure complete file security?

DSRL, located in Scotland, is one of the operating companies under the UK’s Nuclear Decommissioning Authority (NDA). After more than half a century of service, the Dounreay nuclear site is currently in the decommissioning phase.

In the past, Dounreay relied on an outdated “Sheep Dip” system that used only a single antivirus engine. It struggled to process large volumes of external files, resulting in high time and labor costs.

Dounreay later adopted a technology-stack solution spanning both IT and OT systems, designed to meet advanced file-security needs beyond traditional antivirus and endpoint protection. For example, the OPSWAT MetaDefender Kiosk allows files that third-party vendors bring on USB devices to be scanned before they enter the internal Dounreay network, helping prevent cyberattacks at the entry point.

▪️ Case 2: How does a major European nuclear power producer mitigate shutdown risks?

A well-known nuclear power producer in Scandinavia operates multiple power plants, covering everything from facility design and procurement to nuclear waste management.

Nuclear operators must implement multi-layer security protocols and comply with strict regulatory standards. Therefore, any external device entering the plant’s air-gapped network must be fully trusted; otherwise, it poses a serious cybersecurity risk. Previously, this operator required third-party vendors to install an active scanning tool to check the safety of their devices. However, this approach relied too heavily on a single engine, had limited detection capability for unknown threats, lacked efficiency, and often failed on legacy devices.

To address these challenges, the operator adopted OPSWAT MetaDefender Drive, which actively detects and removes harmful threats while maintaining excellent compatibility with both new and older devices. Its built-in file-based vulnerability assessment and multi-antivirus-engine scanning significantly enhance the security of third-party collaboration.

When discussing energy issues, we must first talk about cybersecurity resilience.

These international cases make clear that, given the unique nature of nuclear power plants, even the smallest flaw in the security of internal isolated networks is unacceptable. During wartime, taking over a nuclear facility's network systems, or the transmission systems of external facilities, is a faster and more direct approach than large-scale bombing of the facility. Even if such attacks do not result in widespread radiation leakage, once the system is compromised and external facilities or power generation systems fail to operate normally, nuclear energy can no longer serve as a reliable emergency power source for Taiwan.

In conclusion, if Taiwan aims to establish a resilient and rapidly recoverable power supply strategy, the fundamental question we should be asking is whether our nuclear power plants possess sufficient cybersecurity defense capabilities.

Whether in times of war or peace, strengthening cybersecurity systems—constantly at risk of attack—is the key to protecting critical infrastructure such as nuclear power plants.