Last week, the UK delayed plans to build the proposed Hinkley Point C nuclear power plant, which would have been the first nuclear plant to be built in the UK in 20 years.
While the government did not give a specific reason for the hold-up, one reason suggested is that it has reservations over China’s role in the construction. The state-owned China General Nuclear Power Corporation has agreed to a 33 percent stake in the project, and some suggest that the new British government may be concerned about the cybersecurity of the plant. Nick Timothy, Prime Minister Theresa May’s chief of staff, has previously said that experts think the Chinese government could use its involvement to introduce vulnerabilities into systems, which would allow it to tamper with Britain's energy production in the future.
“I think it presents an opportunity to either collect intelligence or worse still to have some form of virtual control,” Alan Woodward, visiting professor at the University of Surrey’s Department of Computer Science, told Motherboard in a Twitter message.
This worry is echoed by Robert Lee, a former US Air Force cyber warfare operations officer and CEO of Dragos Security. He suggested that a Chinese, state-run company’s involvement in the project offers the country's intelligence services too good an opportunity to turn down.
“When we look at nuclear environments around the world, anything dealing with the field of nuclear energy tends to be a top priority in intelligence services,” Lee told Motherboard in a phone call. “If you are giving access to state-owned companies to those operations, it would almost be a disservice of Chinese intelligence operations not to take advantage of that.”
But the UK already has experience in working with Chinese companies on infrastructure. As Woodward pointed out, around 50 percent of BT’s 21st Century Network runs on equipment built by Huawei. “The UK government set up a special unit staffed by ex-GCHQ folk to trawl through every inch of the software (and hardware) to make sure there was nothing untoward in there,” Woodward said.
The Financial Times reported last year that discussions were taking place to give GCHQ access to the contractors involved in Hinkley Point, and the Times added that GCHQ would scrutinise systems.
GCHQ declined a request to comment, instead directing Motherboard to the Department for Business, Energy and Industrial Strategy (BEIS), which did not respond.
“Trust but verify should be our motto,” Woodward said.
But Lee remained unconvinced. “No matter how great it is to try to build bridges, the time and location is generally not national critical infrastructure,” he said.
Just look at the downside - a radioactive wasteland!