Coincidentally, Romania’s Cernavoda Nuclear Power Plant suffered an automatic shutdown that infamous day. One year later, that remains the only Cernavoda reactor trip event in recent years for which the operator has never published a root cause.

Wild story. It feels like the hacker didn’t hack their way in, but rather paid their way in.

El tema es que 90 minutos antes del apagón, a las 11:00 sin oscilaciones en ese momento, se perdieron 1.2 GW en 10 minutos, de autoconsumo y < 1MW. Y la falta de datos no ha permitido investigar la causa segun los informes oficiales.

Está visto que la observabilidad del autoconsumo es mejorable

Hola Paco, soy Ruben. El interes no son las mediciones sino cómo reaccionó el inversor. Por eso pido logs de error del inversor o cualquier tipo de alarma que saltara durante esas horas.

A new Cyber-Physical Angle in Spain’s Blackout Just a few days ago, a reliable but anonymous source shared with me telemetry data from the day of the blackout, covering thousands of solar...

Just a few days ago, a reliable but anonymous source shared with me telemetry data from the day of the blackout, covering thousands of solar inverters deployed across Spain. www.reversemode.com/2025/06/a-ne...

CRACKERS I: The Gold Rush Software piracy in the ’80s and ’90s. The first book in the CRACKERS series. Digital visions and copy parties, intrigues and industrial espionage, disk traders and pirates. Elitism, escape and persecu...

not necessarily my favourite, but it is interesting and thoroughly documented microzeit.com/products/cra... CRACKERS I: The Gold Rush

"Because the initial email from [General] Al Rashidi to Hay came from a Hotmail address with the numbers '69' after the general’s name, one worker says they weren’t sure whether the outreach was legitimate.“

NeutronMode | LinkedIn Ruben Santamarta | The latest in nuclear cybersecurity: original content, technical analysis and news.

For those interested, I’m covering Spain’s blackout investigation from a technical and cyber-physical systems perspective. www.linkedin.com/newsletters/...

Modern alchemy www.home.cern/news/news/ph...

Spanish court investigates whether massive blackout was due to a cyberterrorist attack PM Pedro Sánchez says he will seek accountability from private operators and pledges changes: ‘This cannot happen again, ever’

english.elpais.com/spain/2025-0...

Spain's blackout: Cyber or Not? An unbiased technical analysis Introduction Yesterday afternoon, I was writing what should have been the regular newsletter when the power suddenly went out. I wasn’t al...

I just published www.reversemode.com/2025/04/spai...

Portugal's National Cybersecurity Centre says: "There is no evidence to date pointing to a cyberattack. We would like to draw attention to the circulation of disinformation that occurs in these situations, and we therefore advise that every information should be confirmed with reliable sources."

Something is going on

Finished “Nuclear War: A Scenario”. Interesting, with many details and thorough documentation. However, IMHO it feels too much like fiction for a non-fiction book. en.wikipedia.org/wiki/Nuclear...

Resecurity warns of increased cyber threats to energy and nuclear facilities from hacktivists and nation-states Resecurity warns of increased cyber threats to energy and nuclear facilities from hacktivists and nation-states.

Resecurity warns of increased cyber threats to energy and nuclear facilities from hacktivists and nation-states buff.ly/MJoSTR7

archive.ph/2025.04.14-0...

NM#6 Was Sellafield, Britain's "Nuclear Narnia", Actually Hacked? Welcome to the sixth edition of NeutronMode. In-Depth Analysis: Was Sellafield, Britain's "Nuclear Narnia", Actually Hacked? In 2023, The Guardian dropped a 'bombshell' that ignited a full-blown nucle...

NM#6 is out. www.linkedin.com/pulse/nm6-se...

Cybersecurity industry falls silent as Trump turns ire on SentinelOne The cybersecurity industry has gone mostly quiet after President Donald Trump took action against one of its prominent members.

New: @ajvicens.bsky.social and I asked 33 leading information security companies for their reaction to Trump's order stripping @sentinelone.com employees and executives of their security clearances.

Not one had anything to say about it.

www.reuters.com/world/us/cyb...

Cyber-Physical Analysis of Weapons of Mass Destruction Detection Systems: Part 1 - DARPA's SIGMA Index 1.  Introduction 2.  Practical Gamma Spectroscopy for Security Researchers 3.  SIGMA Network 4.  Conclusions Disclaimer To avoid any m...

I’ve just published “Cyber-Physical Analysis of Weapons of Mass Destruction Detection Systems (I): DARPA's SIGMA” www.reversemode.com/2025/04/cybe...

NM#4 Fear Chernobyl...or not? Welcome to the fourth edition of NeutronMode. In-Depth Analysis: Fear Chernobyl.

NM#4 is out “Fear Chernobyl…or not?” www.linkedin.com/pulse/nm4-fe...

NM#3 - Stories of Ionizing Radiation and Helicopters: From Chernobyl to the Super Bowl Welcome to the third edition of NeutronMode! In-depth Analysis Helicopters, with their ability to quickly cover large areas and access difficult-to-reach zones, have long been a valuable resource for ...

NeutronMode#3, my newsletter on nuclear cybersecurity, is out www.linkedin.com/pulse/nm3-st...

The Cyber Dimension of the Zaporizhzhia NPP Occupation The war that began with Russia's full-scale invasion of Ukraine has led to a series of unprecedented nuclear-related situations. During the ...

I’ve just published “The Cyber Dimension of the Zaporizhzhia NPP Occupation” www.reversemode.com/2025/01/the-...

Heysham 2 is an Advanced Gas-Cooled Reactor. I created the following image to demonstrate how non-radioactive steam is precisely released from the expected location.

As EDF stated, this is a normal procedure for venting steam during an unplanned reactor trip. I literally covered this specific situation in my latest paper www.reversemode.com/2024/10/a-pr...

Heysham: Cloud at Lancashire nuclear site 'no cause for concern' EDF said a reactor tripping out had caused a sudden release of "clean steam".

I’m not sure if yesterday evening’s events at the UK’s Heysham 2 Nuclear Power Plant will be used in misinformation campaigns, but just in case, here’s a short thread with some technical details. www.bbc.com/news/article...

Addressing the Exploitation of Radiation Fear: A Self-Assessment Guide to Counter Disinformation In December 2024, two events —drone sightings in the US and Israel’s strike on Syria’s weapon depots— were followed by orchestrated reports ...

I’ve just published www.reversemode.com/2025/01/addr...

UK’s NDA launches cyber facility to safeguard nuclear sector against evolving threats U.K.'s NDA announces the Launch of a Cyber Facility to Fortify Nuclear Sector Against Evolving Threats and Attacks.

UK’s Nuclear Decommissioning Authority launches cyber facility to safeguard nuclear sector against evolving threats industrialcyber.co/threats-atta... Just to add some context, Sellafield was recently fined for its poor security posture www.bbc.com/news/article...

A New Nuclear Age A New Nuclear Age

Today’s world nuclear energy day. “A New Nuclear Age” is an interesting (non-technical) paper that, among other things, discusses how different the world would be if nuclear energy had been widely adopted, instead of being phased out.
institute.global/insights/cli...